Bugzilla – Full Text Bug Listing
| Summary: | The NestedConnector#isConfidential always returns false | ||
|---|---|---|---|
| Product: | [RT] Jetty | Reporter: | Hugues Malphettes <hmalphettes> |
| Component: | server | Assignee: | Greg Wilkins <gregw> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | major | ||
| Priority: | P3 | CC: | jetty-inbox |
| Version: | 7.4.0 | ||
| Target Milestone: | 7.2.x | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
|
Description
Hugues Malphettes
The suggested patch consists of doing what the SslChannelSelectConnector does:
Override the method isConfidential in the NestedConnector.
/**
* In the case of the NesteConnector it is not clear that we can check the forwarded attribute.
* We do something similar to what the Ssl*Connector does.
* @see org.eclipse.jetty.server.Connector#isConfidential(org.eclipse.jetty.server.Request)
* @see org.eclipse.jetty.server.ssl.SslSelectChannelConnector#isConfidential(org.eclipse.jetty.server.Request)
*/
public boolean isConfidential(Request request)
{
if (request.getScheme().equalsIgnoreCase(HttpSchemes.HTTPS))
{
final int confidentialPort = getConfidentialPort();
return confidentialPort == 0 || confidentialPort == request.getServerPort();
}
else
{
return false;
}
}
the connector is now setup in forwarded mode and inspects for the x-forwarded-for headers. Also the outer request is consulted when setting the protocol. |