felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Carsten Ziegeler (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-5662) SSLFilterRequest returns the server port of the underlying request instead of the default port of the protocol.
Date Tue, 04 Jul 2017 13:18:00 GMT

    [ https://issues.apache.org/jira/browse/FELIX-5662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16073654#comment-16073654
] 

Carsten Ziegeler commented on FELIX-5662:
-----------------------------------------

Sounds fine to me, we could think about using the port of the request if it is not 80 though
- but always usign 443 in that case is as good or as bad I think

> SSLFilterRequest returns the server port of the underlying request instead of the default
port of the protocol.
> ---------------------------------------------------------------------------------------------------------------
>
>                 Key: FELIX-5662
>                 URL: https://issues.apache.org/jira/browse/FELIX-5662
>             Project: Felix
>          Issue Type: Bug
>          Components: HTTP Service
>    Affects Versions: http.sslfilter-1.2.0
>            Reporter: Karl Pauls
>            Assignee: Karl Pauls
>             Fix For: http.sslfilter-1.2.2
>
>
> FELIX-5259 made it so that the sslfilter request returns the underlying requests getServerPort()
if no X-Forwarded-Port header is present on a call to getServerPort().
> The problem that it tries to address is that the sslfilter returned -1 from getServerPort()
when no X-Forwarded-Port header is set. As the javadoc does say:
> {{int getServerPort()}}
> {{Returns the port number to which the request was sent. It is the value of the part
after ":" in the Host header value, if any, or the server port where the client connection
was accepted on.}}
> that is not allowed but the intention was correct namely, it should be the default port
for the forwarded protocol.
> However, the fix is wrong. It basically makes it so that if no X-Forwarded-Port header
is set the wrapped request will use the port of the connection. That doesn't make sense. It
should default to the default port of the forwarded protocol (it just can't fall back to simply
return -1 - it has to figure out the correct default port).



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message