Check both https and wss in forwarded header checks

Closes gh-27097
Rossen Stoyanchev
2021-07-13 16:31:58 +01:00
parent 6ec7cffc93
commit e1f51cbce7
4 changed files with 18 additions and 12 deletions


@@ -30,6 +30,8 @@ import javax.servlet.http.HttpServletResponse;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.ValueSource;
import org.springframework.web.testfixture.servlet.MockFilterChain;
import org.springframework.web.testfixture.servlet.MockHttpServletRequest;
@@ -102,10 +104,11 @@ public class ForwardedHeaderFilterTests {
assertThat(this.filter.shouldNotFilter(new MockHttpServletRequest())).isTrue();
}
@Test
public void forwardedRequest() throws Exception {
@ParameterizedTest
@ValueSource(strings = {"https", "wss"})
public void forwardedRequest(String protocol) throws Exception {
this.request.setRequestURI("/mvc-showcase");
this.request.addHeader(X_FORWARDED_PROTO, "https");
this.request.addHeader(X_FORWARDED_PROTO, protocol);
this.request.addHeader(X_FORWARDED_HOST, "84.198.58.199");
this.request.addHeader(X_FORWARDED_PORT, "443");
this.request.addHeader("foo", "bar");
@@ -115,8 +118,8 @@ public class ForwardedHeaderFilterTests {
HttpServletRequest actual = (HttpServletRequest) this.filterChain.getRequest();
assertThat(actual).isNotNull();
assertThat(actual.getRequestURL().toString()).isEqualTo("https://84.198.58.199/mvc-showcase");
assertThat(actual.getScheme()).isEqualTo("https");
assertThat(actual.getRequestURL().toString()).isEqualTo(protocol + "://84.198.58.199/mvc-showcase");
assertThat(actual.getScheme()).isEqualTo(protocol);
assertThat(actual.getServerName()).isEqualTo("84.198.58.199");
assertThat(actual.getServerPort()).isEqualTo(443);
assertThat(actual.isSecure()).isTrue();
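Review bot: The parameterized `forwardedRequest` only feeds values that must end in `isSecure()` being true, so nothing in this section pins the opposite outcome; a filter that marked every forwarded request as secure would still pass. Because the secure flag is derived from a header that any client can send unless the fronting proxy strips it, the boundary is worth guarding with a sibling case using `@ValueSource(strings = {"http", "ws"})`, forwarded port 80 and `assertThat(actual.isSecure()).isFalse();`, unless a test outside these hunks already covers it. The method body spans two hunks and its closing lines are not visible here.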


@@ -28,6 +28,8 @@ import java.util.Optional;
import java.util.function.BiConsumer;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.ValueSource;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpRequest;
@@ -374,10 +376,11 @@ class UriComponentsBuilderTests {
assertThat(result.getQuery()).isEqualTo("a=1");
}
@Test // SPR-12771
void fromHttpRequestResetsPortBeforeSettingIt() {
@ParameterizedTest // gh-17368, gh-27097
@ValueSource(strings = {"https", "wss"})
void fromHttpRequestResetsPortBeforeSettingIt(String protocol) {
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("X-Forwarded-Proto", "https");
request.addHeader("X-Forwarded-Proto", protocol);
request.addHeader("X-Forwarded-Host", "84.198.58.199");
request.addHeader("X-Forwarded-Port", 443);
request.setScheme("http");
@@ -388,7 +391,7 @@ class UriComponentsBuilderTests {
HttpRequest httpRequest = new ServletServerHttpRequest(request);
UriComponents result = UriComponentsBuilder.fromHttpRequest(httpRequest).build();
assertThat(result.getScheme()).isEqualTo("https");
assertThat(result.getScheme()).isEqualTo(protocol);
assertThat(result.getHost()).isEqualTo("84.198.58.199");
assertThat(result.getPort()).isEqualTo(-1);
assertThat(result.getPath()).isEqualTo("/rest/mobile/users/1");
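Review bot: The default-port collapse asserted by `assertThat(result.getPort()).isEqualTo(-1)` is pinned only for forwarded port 443, so the plain-text counterparts stay untested in this section. If the builder is meant to drop port 80 for `ws` the same way it does for `http` (the implementation is not shown on this page), a companion case with `@ValueSource(strings = {"http", "ws"})` and `request.addHeader("X-Forwarded-Port", 80);` expecting `-1` would cover it. A case where `wss` arrives with a non-default forwarded port and the port must be preserved would also guard against the reset being applied too broadly. The test method starts in the previous hunk, so the request setup between the two hunks is not visible.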