Re: [jetty-users] Jetty 12 return wrong Host header?
Hi,
to me both issues looked related, but yes - it is a bit different. In my
case it affects HTTP/1.1 (as NGINX forwards using that protocol), in
Silvio's it looks HTTP/2.
If I have a bit of time I will try to write a small embedded jetty
reproducer that returns different results for Jetty 10 and 12.
Because Silvio said, that he uses HostHeaderCustomizer I thought it
might be related. But difference is that for me the getRequestURL()
contains wrong port, but for him it is the host header (I have no
checked the Host header here, as the servilet in questin was using
getRequestURL()).
Uwe
Am 14.08.2023 um 00:54 schrieb Silvio Bierman via jetty-users:
Issue opened:
https://github.com/eclipse/jetty.project/issues/10306
On 13-08-2023 01:31, Greg Wilkins via jetty-users wrote:
Actually,
I think Uwe's and Silvio's problems are similar but different.
Silvio, you have no forwarded request customizer headers and a real
"demo.jambo.software:8443" as the host header value. This could be a
http2 issue in recreating that header.
Uwe's issue is more about the customizer.
So Silvio, perhaps open a second issue?
cheers
P.S. We expect at least a monthly cadence of 12.0.x releases.
On Sun, 13 Aug 2023 at 08:52, Greg Wilkins wrote:
Silvio,
I'll respond more in Uwe's issue. Please post your details there
to help the triage.
cheers
On Sun, 13 Aug 2023 at 05:19, Uwe Schindler via jetty-users
wrote:
I opened: https://github.com/eclipse/jetty.project/issues/10304
Am 12.08.2023 um 19:30 schrieb Uwe Schindler via jetty-users:
I have seen the same after upgrading my project to Java 12.
The problem is that all Customizers are not able to
correctly set the port number.
This is a blocker issue, because it makes it impossible to
setup this common setup:
* NGINX as user facing web server with HTTPS enabled
* NGINX forwarding the requests to jetty listen only on
localhost with some arbitrary port number (in my case
8081). NGINX sets the following headers:
X-Forwarded-For, X-Forwarded-Proto, original "Host"
header as sent by client (no rewriting)
* Jetty with: http_config.addCustomizer(new
ForwardedRequestCustomizer());
* Jetty 10 works fine it reads the clien't IP address and
all other information from X-Forwarded-For, the scheme
is read from X-Forwarded-Proto, and host header is
coming from "Host" header. It also extracts the port
number from the host.
* Jetty 12 is setup in same way, it successfully extracts
the client's IP address and also it returns secure=true
and uses "https://; for
javax.servlet.HttServletRequest#getRequestURL(). But it
always adds its own private port number. I also tried to
use setForcedHost("xyz:443") to make sure it sees a port
number. It still constructs all URLs with port number
8081 where it listens on.
I will open a bug report. From my experience the
"customize()" method in the RequestCustomizer does
everything right also also returns the port number, but the
javax.servlet API seems to still use the port number used by
the connector's channel.
I reverted back to Jetty 10. This won't work here. If you
have any suggestion to get the port corrcet, tell me,
everything like subclassing and implementing my own
cutsomizer did not work. I was not able to debug through
everything and figure out where the listener port gets
injected again.
I can say: With current status Jetty 12 is unuseable with
the common proxy setup using ForwardedRequestCustomizer as
it tried to always inject its own hidden/private port number
instead of the default for the port as negotiated by
client/proxy with the Host header.
--
Uwe Schindler
uschind...@apache.org
ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
--
Greg Wilkins CTO http://webtide.com
--
Greg Wilkins CTO http://webtide.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list,
visithttps://www.eclipse.org/mailman/listinfo/jetty-users
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list,
visithttps://www.eclipse.org/mailman/listinfo/jetty-users
Re: [jetty-users] Jetty 12 return wrong Host header?
Issue opened:
https://github.com/eclipse/jetty.project/issues/10306
On 13-08-2023 01:31, Greg Wilkins via jetty-users wrote:
Actually,
I think Uwe's and Silvio's problems are similar but different.
Silvio, you have no forwarded request customizer headers and a real
"demo.jambo.software:8443" as the host header value. This could be a
http2 issue in recreating that header.
Uwe's issue is more about the customizer.
So Silvio, perhaps open a second issue?
cheers
P.S. We expect at least a monthly cadence of 12.0.x releases.
On Sun, 13 Aug 2023 at 08:52, Greg Wilkins wrote:
Silvio,
I'll respond more in Uwe's issue. Please post your details there
to help the triage.
cheers
On Sun, 13 Aug 2023 at 05:19, Uwe Schindler via jetty-users
wrote:
I opened: https://github.com/eclipse/jetty.project/issues/10304
Am 12.08.2023 um 19:30 schrieb Uwe Schindler via jetty-users:
I have seen the same after upgrading my project to Java 12.
The problem is that all Customizers are not able to correctly
set the port number.
This is a blocker issue, because it makes it impossible to
setup this common setup:
* NGINX as user facing web server with HTTPS enabled
* NGINX forwarding the requests to jetty listen only on
localhost with some arbitrary port number (in my case
8081). NGINX sets the following headers: X-Forwarded-For,
X-Forwarded-Proto, original "Host" header as sent by
client (no rewriting)
* Jetty with: http_config.addCustomizer(new
ForwardedRequestCustomizer());
* Jetty 10 works fine it reads the clien't IP address and
all other information from X-Forwarded-For, the scheme is
read from X-Forwarded-Proto, and host header is coming
from "Host" header. It also extracts the port number from
the host.
* Jetty 12 is setup in same way, it successfully extracts
the client's IP address and also it returns secure=true
and uses "https://; for
javax.servlet.HttServletRequest#getRequestURL(). But it
always adds its own private port number. I also tried to
use setForcedHost("xyz:443") to make sure it sees a port
number. It still constructs all URLs with port number
8081 where it listens on.
I will open a bug report. From my experience the
"customize()" method in the RequestCustomizer does everything
right also also returns the port number, but the
javax.servlet API seems to still use the port number used by
the connector's channel.
I reverted back to Jetty 10. This won't work here. If you
have any suggestion to get the port corrcet, tell me,
everything like subclassing and implementing my own
cutsomizer did not work. I was not able to debug through
everything and figure out where the listener port gets
injected again.
I can say: With current status Jetty 12 is unuseable with the
common proxy setup using ForwardedRequestCustomizer as it
tried to always inject its own hidden/private port number
instead of the default for the port as negotiated by
client/proxy with the Host header.
--
Uwe Schindler
uschind...@apache.org
ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
--
Greg Wilkins CTO http://webtide.com
--
Greg Wilkins CTO http://webtide.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list,
visithttps://www.eclipse.org/mailman/listinfo/jetty-users
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
Re: [jetty-users] Jetty 12 return wrong Host header?
Actually,
I think Uwe's and Silvio's problems are similar but different.
Silvio, you have no forwarded request customizer headers and a real
"demo.jambo.software:8443" as the host header value. This could be a http2
issue in recreating that header.
Uwe's issue is more about the customizer.
So Silvio, perhaps open a second issue?
cheers
P.S. We expect at least a monthly cadence of 12.0.x releases.
On Sun, 13 Aug 2023 at 08:52, Greg Wilkins wrote:
> Silvio,
>
> I'll respond more in Uwe's issue. Please post your details there to help
> the triage.
>
> cheers
>
>
>
> On Sun, 13 Aug 2023 at 05:19, Uwe Schindler via jetty-users <
> jetty-users@eclipse.org> wrote:
>
>> I opened: https://github.com/eclipse/jetty.project/issues/10304
>> Am 12.08.2023 um 19:30 schrieb Uwe Schindler via jetty-users:
>>
>> I have seen the same after upgrading my project to Java 12. The problem
>> is that all Customizers are not able to correctly set the port number.
>>
>> This is a blocker issue, because it makes it impossible to setup this
>> common setup:
>>
>>- NGINX as user facing web server with HTTPS enabled
>>- NGINX forwarding the requests to jetty listen only on localhost
>>with some arbitrary port number (in my case 8081). NGINX sets the
>> following
>>headers: X-Forwarded-For, X-Forwarded-Proto, original "Host" header as
>> sent
>>by client (no rewriting)
>>- Jetty with: http_config.addCustomizer(new
>>ForwardedRequestCustomizer());
>>- Jetty 10 works fine it reads the clien't IP address and all other
>>information from X-Forwarded-For, the scheme is read from
>>X-Forwarded-Proto, and host header is coming from "Host" header. It also
>>extracts the port number from the host.
>>- Jetty 12 is setup in same way, it successfully extracts the
>>client's IP address and also it returns secure=true and uses "https://;
>>for javax.servlet.HttServletRequest#getRequestURL(). But it always adds
>> its
>>own private port number. I also tried to use setForcedHost("xyz:443") to
>>make sure it sees a port number. It still constructs all URLs with port
>>number 8081 where it listens on.
>>
>> I will open a bug report. From my experience the "customize()" method in
>> the RequestCustomizer does everything right also also returns the port
>> number, but the javax.servlet API seems to still use the port number used
>> by the connector's channel.
>>
>> I reverted back to Jetty 10. This won't work here. If you have any
>> suggestion to get the port corrcet, tell me, everything like subclassing
>> and implementing my own cutsomizer did not work. I was not able to debug
>> through everything and figure out where the listener port gets injected
>> again.
>>
>> I can say: With current status Jetty 12 is unuseable with the common
>> proxy setup using ForwardedRequestCustomizer as it tried to always inject
>> its own hidden/private port number instead of the default for the port as
>> negotiated by client/proxy with the Host header.
>>
>> --
>> Uwe schindleruschind...@apache.org
>> ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
>> Bremen, Germanyhttps://lucene.apache.org/https://solr.apache.org/
>>
>> ___
>> jetty-users mailing list
>> jetty-users@eclipse.org
>> To unsubscribe from this list, visit
>> https://www.eclipse.org/mailman/listinfo/jetty-users
>>
>
>
> --
> Greg Wilkins CTO http://webtide.com
>
--
Greg Wilkins CTO http://webtide.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
Re: [jetty-users] Jetty 12 return wrong Host header?
Silvio,
I'll respond more in Uwe's issue. Please post your details there to help
the triage.
cheers
On Sun, 13 Aug 2023 at 05:19, Uwe Schindler via jetty-users <
jetty-users@eclipse.org> wrote:
> I opened: https://github.com/eclipse/jetty.project/issues/10304
> Am 12.08.2023 um 19:30 schrieb Uwe Schindler via jetty-users:
>
> I have seen the same after upgrading my project to Java 12. The problem is
> that all Customizers are not able to correctly set the port number.
>
> This is a blocker issue, because it makes it impossible to setup this
> common setup:
>
>- NGINX as user facing web server with HTTPS enabled
>- NGINX forwarding the requests to jetty listen only on localhost with
>some arbitrary port number (in my case 8081). NGINX sets the following
>headers: X-Forwarded-For, X-Forwarded-Proto, original "Host" header as sent
>by client (no rewriting)
>- Jetty with: http_config.addCustomizer(new
>ForwardedRequestCustomizer());
>- Jetty 10 works fine it reads the clien't IP address and all other
>information from X-Forwarded-For, the scheme is read from
>X-Forwarded-Proto, and host header is coming from "Host" header. It also
>extracts the port number from the host.
>- Jetty 12 is setup in same way, it successfully extracts the client's
>IP address and also it returns secure=true and uses "https://; for
>javax.servlet.HttServletRequest#getRequestURL(). But it always adds its own
>private port number. I also tried to use setForcedHost("xyz:443") to make
>sure it sees a port number. It still constructs all URLs with port number
>8081 where it listens on.
>
> I will open a bug report. From my experience the "customize()" method in
> the RequestCustomizer does everything right also also returns the port
> number, but the javax.servlet API seems to still use the port number used
> by the connector's channel.
>
> I reverted back to Jetty 10. This won't work here. If you have any
> suggestion to get the port corrcet, tell me, everything like subclassing
> and implementing my own cutsomizer did not work. I was not able to debug
> through everything and figure out where the listener port gets injected
> again.
>
> I can say: With current status Jetty 12 is unuseable with the common proxy
> setup using ForwardedRequestCustomizer as it tried to always inject its own
> hidden/private port number instead of the default for the port as
> negotiated by client/proxy with the Host header.
>
> --
> Uwe schindleruschind...@apache.org
> ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
> Bremen, Germanyhttps://lucene.apache.org/https://solr.apache.org/
>
> ___
> jetty-users mailing list
> jetty-users@eclipse.org
> To unsubscribe from this list, visit
> https://www.eclipse.org/mailman/listinfo/jetty-users
>
--
Greg Wilkins CTO http://webtide.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
Re: [jetty-users] Jetty 12 return wrong Host header?
I opened: https://github.com/eclipse/jetty.project/issues/10304
Am 12.08.2023 um 19:30 schrieb Uwe Schindler via jetty-users:
I have seen the same after upgrading my project to Java 12. The
problem is that all Customizers are not able to correctly set the port
number.
This is a blocker issue, because it makes it impossible to setup this
common setup:
* NGINX as user facing web server with HTTPS enabled
* NGINX forwarding the requests to jetty listen only on localhost
with some arbitrary port number (in my case 8081). NGINX sets the
following headers: X-Forwarded-For, X-Forwarded-Proto, original
"Host" header as sent by client (no rewriting)
* Jetty with: http_config.addCustomizer(new
ForwardedRequestCustomizer());
* Jetty 10 works fine it reads the clien't IP address and all other
information from X-Forwarded-For, the scheme is read from
X-Forwarded-Proto, and host header is coming from "Host" header.
It also extracts the port number from the host.
* Jetty 12 is setup in same way, it successfully extracts the
client's IP address and also it returns secure=true and uses
"https://; for javax.servlet.HttServletRequest#getRequestURL().
But it always adds its own private port number. I also tried to
use setForcedHost("xyz:443") to make sure it sees a port number.
It still constructs all URLs with port number 8081 where it
listens on.
I will open a bug report. From my experience the "customize()" method
in the RequestCustomizer does everything right also also returns the
port number, but the javax.servlet API seems to still use the port
number used by the connector's channel.
I reverted back to Jetty 10. This won't work here. If you have any
suggestion to get the port corrcet, tell me, everything like
subclassing and implementing my own cutsomizer did not work. I was not
able to debug through everything and figure out where the listener
port gets injected again.
I can say: With current status Jetty 12 is unuseable with the common
proxy setup using ForwardedRequestCustomizer as it tried to always
inject its own hidden/private port number instead of the default for
the port as negotiated by client/proxy with the Host header.
--
Uwe Schindler
uschind...@apache.org
ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
Re: [jetty-users] Jetty 12 return wrong Host header?
Hi,
I have seen the same after upgrading my project to Java 12. The problem
is that all Customizers are not able to correctly set the port number.
This is a blocker issue, because it makes it impossible to setup this
common setup:
* NGINX as user facing web server with HTTPS enabled
* NGINX forwarding the requests to jetty listen only on localhost with
some arbitrary port number (in my case 8081). NGINX sets the
following headers: X-Forwarded-For, X-Forwarded-Proto, original
"Host" header as sent by client (no rewriting)
* Jetty with: http_config.addCustomizer(new ForwardedRequestCustomizer());
* Jetty 10 works fine it reads the clien't IP address and all other
information from X-Forwarded-For, the scheme is read from
X-Forwarded-Proto, and host header is coming from "Host" header. It
also extracts the port number from the host.
* Jetty 12 is setup in same way, it successfully extracts the client's
IP address and also it returns secure=true and uses "https://; for
javax.servlet.HttServletRequest#getRequestURL(). But it always adds
its own private port number. I also tried to use
setForcedHost("xyz:443") to make sure it sees a port number. It
still constructs all URLs with port number 8081 where it listens on.
I will open a bug report. From my experience the "customize()" method in
the RequestCustomizer does everything right also also returns the port
number, but the javax.servlet API seems to still use the port number
used by the connector's channel.
I reverted back to Jetty 10. This won't work here. If you have any
suggestion to get the port corrcet, tell me, everything like subclassing
and implementing my own cutsomizer did not work. I was not able to debug
through everything and figure out where the listener port gets injected
again.
I can say: With current status Jetty 12 is unuseable with the common
proxy setup using ForwardedRequestCustomizer as it tried to always
inject its own hidden/private port number instead of the default for the
port as negotiated by client/proxy with the Host header.
Uwe
Am 11.08.2023 um 13:50 schrieb Silvio Bierman via jetty-users:
Additional info:
I now remember this came up in the past with the introduction of Jetty
10 (I think, could be 9) and this could be resolved with
httpConfig.addCustomizer(new HostHeaderCustomizer)
This is still in my embedding code. I have tried both with and without
the customizer but the behavour is the same.
On 11-08-2023 13:34, Silvio Bierman via jetty-users wrote:
Hello all,
I have encountered what I think is a bug in Jetty 12 but I would like
to check here if that is actually true.
I use port forwarding to forward HTTP requests from port 443 to 8443.
Requests arrive at the default port without an explicit port number
in the URL so
request.getRequestURL().toString
does not show a port number. But
request.getHeader("Host")
returns the host name including the port number. This makes it
impossible to distinguish requests with explicit ports from requests
without these. Jetty 11 does not show this same behaviour.
Cheers,
Silvio
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
--
Uwe Schindler
uschind...@apache.org
ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
Re: [jetty-users] Jetty 12 return wrong Host header?
Greg,
The requested info:
Server receives this (pardon the brackets):
URL[https://demo.jambo.software/demo.jambo.software/s;x=13y762q065p53vl8nbmb4uf720]
HEADER[sec-fetch-mode]=[cors]
HEADER[content-length]=[26]
HEADER[sec-fetch-site]=[same-origin]
HEADER[accept-language]=[en-US,en;q=0.9]
HEADER[cookie]=[13y762q065p53vl8nbmb4uf720=A25F3449-F86C-4545-805E-45F947465397]
HEADER[origin]=[https://demo.jambo.software]
HEADER[Host]=[demo.jambo.software:8443]
HEADER[accept]=[*/*]
HEADER[sec-gpc]=[1]
HEADER[sec-ch-ua]=["Not/A)Brand";v="99", "Brave";v="115",
"Chromium";v="115"]
HEADER[sec-ch-ua-mobile]=[?0]
HEADER[sec-ch-ua-platform]=["Linux"]
HEADER[content-type]=[application/vnd.piglet]
HEADER[accept-encoding]=[gzip, deflate, br]
HEADER[user-agent]=[Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36]
HEADER[sec-fetch-dest]=[empty]
While the netword tab of the browser gives this for the request:
Request
URL:https://demo.jambo.software/demo.jambo.software/s;x=13y762q065p53vl8nbmb4uf720
Request Method:POST
Status Code:200
Remote Address:136.144.238.65:443
Referrer Policy:no-referrer
:authority:demo.jambo.software
:method:POST
:path:/demo.jambo.software/s;x=13y762q065p53vl8nbmb4uf720
:scheme:https
Accept:*/*
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.9
Content-Length:26
Content-Type:application/vnd.piglet
Cookie:13y762q065p53vl8nbmb4uf720=A25F3449-F86C-4545-805E-45F947465397
Origin:https://demo.jambo.software
Sec-Ch-Ua:"Not/A)Brand";v="99", "Brave";v="115", "Chromium";v="115"
Sec-Ch-Ua-Mobile:?0
Sec-Ch-Ua-Platform:"Linux"
Sec-Fetch-Dest:empty
Sec-Fetch-Mode:cors
Sec-Fetch-Site:same-origin
Sec-Gpc:1
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/115.0.0.0 Safari/537.36
Cheers,
Silvio
On 11-08-2023 15:27, Greg Wilkins wrote:
Silvio,
The host header should contain the host and port as used by the
client. Thus if the request goes to the default port and is forward
you a different port, the host header should not have the port in it,
or at least only the default port.
Are you sure the client is using the default port and not going direct
you the server?
Can you give us a bit more info:
+ Uri and headers as sent by the client
+ Uri and headers as received by jetty
+ The actual values you get from the various request methods
Cheers
On Fri, Aug 11, 2023, 21:34 Silvio Bierman via jetty-users
wrote:
Hello all,
I have encountered what I think is a bug in Jetty 12 but I would
like to
check here if that is actually true.
I use port forwarding to forward HTTP requests from port 443 to 8443.
Requests arrive at the default port without an explicit port
number in
the URL so
request.getRequestURL().toString
does not show a port number. But
request.getHeader("Host")
returns the host name including the port number. This makes it
impossible to distinguish requests with explicit ports from requests
without these. Jetty 11 does not show this same behaviour.
Cheers,
Silvio
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
Re: [jetty-users] Jetty 12 return wrong Host header?
Greg,
I am very sure since port 8443 is blocked by a firewall. That is how I
noticed the problem: the application generates some URLs that are
derived from the URL of the page request and these now contain a port
number and are blocked.
Kind regards,
Silvio
On 11-08-2023 15:27, Greg Wilkins wrote:
Silvio,
The host header should contain the host and port as used by the
client. Thus if the request goes to the default port and is forward
you a different port, the host header should not have the port in it,
or at least only the default port.
Are you sure the client is using the default port and not going direct
you the server?
Can you give us a bit more info:
+ Uri and headers as sent by the client
+ Uri and headers as received by jetty
+ The actual values you get from the various request methods
Cheers
On Fri, Aug 11, 2023, 21:34 Silvio Bierman via jetty-users
wrote:
Hello all,
I have encountered what I think is a bug in Jetty 12 but I would
like to
check here if that is actually true.
I use port forwarding to forward HTTP requests from port 443 to 8443.
Requests arrive at the default port without an explicit port
number in
the URL so
request.getRequestURL().toString
does not show a port number. But
request.getHeader("Host")
returns the host name including the port number. This makes it
impossible to distinguish requests with explicit ports from requests
without these. Jetty 11 does not show this same behaviour.
Cheers,
Silvio
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
Re: [jetty-users] Jetty 12 return wrong Host header?
Silvio,
The host header should contain the host and port as used by the client.
Thus if the request goes to the default port and is forward you a different
port, the host header should not have the port in it, or at least only the
default port.
Are you sure the client is using the default port and not going direct you
the server?
Can you give us a bit more info:
+ Uri and headers as sent by the client
+ Uri and headers as received by jetty
+ The actual values you get from the various request methods
Cheers
On Fri, Aug 11, 2023, 21:34 Silvio Bierman via jetty-users <
jetty-users@eclipse.org> wrote:
> Hello all,
>
> I have encountered what I think is a bug in Jetty 12 but I would like to
> check here if that is actually true.
>
> I use port forwarding to forward HTTP requests from port 443 to 8443.
> Requests arrive at the default port without an explicit port number in
> the URL so
>
> request.getRequestURL().toString
>
> does not show a port number. But
>
> request.getHeader("Host")
>
> returns the host name including the port number. This makes it
> impossible to distinguish requests with explicit ports from requests
> without these. Jetty 11 does not show this same behaviour.
>
> Cheers,
>
> Silvio
>
> ___
> jetty-users mailing list
> jetty-users@eclipse.org
> To unsubscribe from this list, visit
> https://www.eclipse.org/mailman/listinfo/jetty-users
>
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
