Skip to content

S
spring-boot
Commit 30c05b2b authored by Andy Wilkinson's avatar Andy Wilkinson
Browse files
Options

Support X-Forwarded-Host header when auto-configuring RemoteIpValve 

Closes gh-18233
parent 303974fd
Hide whitespace changes
Inline Side-by-side
Showing with 16 additions and 0 deletions
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java
View file @ 30c05b2b
...@@ -321,6 +321,11 @@ public class ServerProperties { ...@@ -321,6 +321,11 @@ public class ServerProperties {
*/ */
private String remoteIpHeader; private String remoteIpHeader;
/**
* Name of the HTTP header from which the remote host is extracted.
*/
private String hostHeader = "X-Forwarded-Host";
/** /**
* Tomcat base directory. If not specified, a temporary directory is used. * Tomcat base directory. If not specified, a temporary directory is used.
*/ */
...@@ -519,6 +524,14 @@ public class ServerProperties { ...@@ -519,6 +524,14 @@ public class ServerProperties {
this.remoteIpHeader = remoteIpHeader; this.remoteIpHeader = remoteIpHeader;
} }
public String getHostHeader() {
return this.hostHeader;
}
public void setHostHeader(String hostHeader) {
this.hostHeader = hostHeader;
}
public Charset getUriEncoding() { public Charset getUriEncoding() {
return this.uriEncoding; return this.uriEncoding;
} }
......
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/embedded/TomcatWebServerFactoryCustomizer.java
View file @ 30c05b2b
...@@ -183,6 +183,7 @@ public class TomcatWebServerFactoryCustomizer ...@@ -183,6 +183,7 @@ public class TomcatWebServerFactoryCustomizer
// The internal proxies default to a white list of "safe" internal IP // The internal proxies default to a white list of "safe" internal IP
// addresses // addresses
valve.setInternalProxies(tomcatProperties.getInternalProxies()); valve.setInternalProxies(tomcatProperties.getInternalProxies());
valve.setHostHeader(tomcatProperties.getHostHeader());
valve.setPortHeader(tomcatProperties.getPortHeader()); valve.setPortHeader(tomcatProperties.getPortHeader());
valve.setProtocolHeaderHttpsValue(tomcatProperties.getProtocolHeaderHttpsValue()); valve.setProtocolHeaderHttpsValue(tomcatProperties.getProtocolHeaderHttpsValue());
// ... so it's safe to add this valve by default. // ... so it's safe to add this valve by default.
......
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/embedded/TomcatWebServerFactoryCustomizerTests.java
View file @ 30c05b2b
...@@ -243,6 +243,8 @@ class TomcatWebServerFactoryCustomizerTests { ...@@ -243,6 +243,8 @@ class TomcatWebServerFactoryCustomizerTests {
assertThat(remoteIpValve.getProtocolHeader()).isEqualTo("X-Forwarded-Proto"); assertThat(remoteIpValve.getProtocolHeader()).isEqualTo("X-Forwarded-Proto");
assertThat(remoteIpValve.getProtocolHeaderHttpsValue()).isEqualTo("https"); assertThat(remoteIpValve.getProtocolHeaderHttpsValue()).isEqualTo("https");
assertThat(remoteIpValve.getRemoteIpHeader()).isEqualTo("X-Forwarded-For"); assertThat(remoteIpValve.getRemoteIpHeader()).isEqualTo("X-Forwarded-For");
assertThat(remoteIpValve.getHostHeader()).isEqualTo("X-Forwarded-Host");
assertThat(remoteIpValve.getPortHeader()).isEqualTo("X-Forwarded-Port");
String expectedInternalProxies = "10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|" // 10/8 String expectedInternalProxies = "10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|" // 10/8
+ "192\\.168\\.\\d{1,3}\\.\\d{1,3}|" // 192.168/16 + "192\\.168\\.\\d{1,3}\\.\\d{1,3}|" // 192.168/16
+ "169\\.254\\.\\d{1,3}\\.\\d{1,3}|" // 169.254/16 + "169\\.254\\.\\d{1,3}\\.\\d{1,3}|" // 169.254/16
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment