felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Karl Pauls (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-5662) SSLFilterRequest returns the server port of the underlying request instead of the default port of the protocol.
Date Tue, 04 Jul 2017 13:13:00 GMT

    [ https://issues.apache.org/jira/browse/FELIX-5662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16073645#comment-16073645

Karl Pauls commented on FELIX-5662:

After looking at the sslfilter, it appears that we only wrap the request in case of a https
offload anyways - hence, it should be enough to hardcode the getServerPort() default to 443
(as we already the https protocol anyways). In other words, if we don't get a (parseable)
X-Forwarded-Port header we fallback to returning 443 as the default port. 

[~cziegeler], unless you disagree, I'll go ahead and make that change as well as follow-up
with a 1.2.2 release.

> SSLFilterRequest returns the server port of the underlying request instead of the default
port of the protocol.
> ---------------------------------------------------------------------------------------------------------------
>                 Key: FELIX-5662
>                 URL: https://issues.apache.org/jira/browse/FELIX-5662
>             Project: Felix
>          Issue Type: Bug
>          Components: HTTP Service
>    Affects Versions: http.sslfilter-1.2.0
>            Reporter: Karl Pauls
>            Assignee: Karl Pauls
>             Fix For: http.sslfilter-1.2.2
> FELIX-5259 made it so that the sslfilter request returns the underlying requests getServerPort()
if no X-Forwarded-Port header is present on a call to getServerPort().
> The problem that it tries to address is that the sslfilter returned -1 from getServerPort()
when no X-Forwarded-Port header is set. As the javadoc does say:
> {{int getServerPort()}}
> {{Returns the port number to which the request was sent. It is the value of the part
after ":" in the Host header value, if any, or the server port where the client connection
was accepted on.}}
> that is not allowed but the intention was correct namely, it should be the default port
for the forwarded protocol.
> However, the fix is wrong. It basically makes it so that if no X-Forwarded-Port header
is set the wrapped request will use the port of the connection. That doesn't make sense. It
should default to the default port of the forwarded protocol (it just can't fall back to simply
return -1 - it has to figure out the correct default port).

This message was sent by Atlassian JIRA

View raw message