From c5ac8e8ab62cf7a616d5316bc6ef6d5d5e461c10 Mon Sep 17 00:00:00 2001 From: Rossen Stoyanchev Date: Wed, 7 Apr 2021 12:49:41 +0100 Subject: [PATCH] Use createUnresolved for forwarded header address Avoid DNS resolution. See gh-26748 --- .../org/springframework/web/util/UriComponentsBuilder.java | 4 ++-- .../web/filter/ForwardedHeaderFilterTests.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java b/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java index 5e19d61b25..ebe9d5133e 100644 --- a/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java +++ b/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java @@ -371,14 +371,14 @@ public class UriComponentsBuilder implements UriBuilder, Cloneable { "Failed to parse a port from \"forwarded\"-type header value: " + value); } } - return new InetSocketAddress(host, port); + return InetSocketAddress.createUnresolved(host, port); } } String forHeader = request.getHeaders().getFirst("X-Forwarded-For"); if (StringUtils.hasText(forHeader)) { String host = StringUtils.tokenizeToStringArray(forHeader, ",")[0]; - return new InetSocketAddress(host, port); + return InetSocketAddress.createUnresolved(host, port); } return null; diff --git a/spring-web/src/test/java/org/springframework/web/filter/ForwardedHeaderFilterTests.java b/spring-web/src/test/java/org/springframework/web/filter/ForwardedHeaderFilterTests.java index c6407c1de3..f224591e4e 100644 --- a/spring-web/src/test/java/org/springframework/web/filter/ForwardedHeaderFilterTests.java +++ b/spring-web/src/test/java/org/springframework/web/filter/ForwardedHeaderFilterTests.java @@ -441,7 +441,7 @@ public class ForwardedHeaderFilterTests { request.addHeader(FORWARDED, "for=\"[2001:db8:cafe::17]\""); HttpServletRequest actual = filterAndGetWrappedRequest(); - assertThat(actual.getRemoteAddr()).isEqualTo(actual.getRemoteHost()).isEqualTo("2001:db8:cafe:0:0:0:0:17"); + assertThat(actual.getRemoteAddr()).isEqualTo(actual.getRemoteHost()).isEqualTo("[2001:db8:cafe::17]"); assertThat(actual.getRemotePort()).isEqualTo(MockHttpServletRequest.DEFAULT_SERVER_PORT); } @@ -459,7 +459,7 @@ public class ForwardedHeaderFilterTests { request.addHeader(FORWARDED, "For=\"[2001:db8:cafe::17]:47011\""); HttpServletRequest actual = filterAndGetWrappedRequest(); - assertThat(actual.getRemoteAddr()).isEqualTo(actual.getRemoteHost()).isEqualTo("2001:db8:cafe:0:0:0:0:17"); + assertThat(actual.getRemoteAddr()).isEqualTo(actual.getRemoteHost()).isEqualTo("[2001:db8:cafe::17]"); assertThat(actual.getRemotePort()).isEqualTo(47011); }