Updated Branches: refs/heads/master 5c650b92c -> 393ab94be
TAP5-2058 Support X-Forwarded-Proto to identify a Request secured (https) Project: http://git-wip-us.apache.org/repos/asf/tapestry-5/repo Commit: http://git-wip-us.apache.org/repos/asf/tapestry-5/commit/393ab94b Tree: http://git-wip-us.apache.org/repos/asf/tapestry-5/tree/393ab94b Diff: http://git-wip-us.apache.org/repos/asf/tapestry-5/diff/393ab94b Branch: refs/heads/master Commit: 393ab94becedf404725917f50a0b84ca7f5eecc2 Parents: 5c650b9 Author: Massimo Lusetti <[email protected]> Authored: Sun Jan 27 18:07:55 2013 +0100 Committer: Massimo Lusetti <[email protected]> Committed: Sun Jan 27 18:07:55 2013 +0100 ---------------------------------------------------------------------- .../tapestry5/internal/services/RequestImpl.java | 6 ++++- .../internal/services/RequestImplTest.java | 17 +++++++++++++++ 2 files changed, 22 insertions(+), 1 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tapestry-5/blob/393ab94b/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestImpl.java ---------------------------------------------------------------------- diff --git a/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestImpl.java b/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestImpl.java index 6216f5a..c62027a 100644 --- a/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestImpl.java +++ b/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestImpl.java @@ -34,6 +34,9 @@ public class RequestImpl implements Request static final String XML_HTTP_REQUEST = "XMLHttpRequest"; + static final String X_FORWARDED_PROTO_HEADER = "X-Forwarded-Proto"; + static final String X_FORWARDED_PROTO_HTTPS = "https"; + private final HttpServletRequest request; private final String requestEncoding; @@ -164,7 +167,8 @@ public class RequestImpl implements Request public boolean isSecure() { - return request.isSecure(); + return request.isSecure() || + X_FORWARDED_PROTO_HTTPS.equals(request.getHeader(X_FORWARDED_PROTO_HEADER)); } public boolean isRequestedSessionIdValid() http://git-wip-us.apache.org/repos/asf/tapestry-5/blob/393ab94b/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestImplTest.java ---------------------------------------------------------------------- diff --git a/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestImplTest.java b/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestImplTest.java index ed5367d..4ec0551 100644 --- a/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestImplTest.java +++ b/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestImplTest.java @@ -258,4 +258,21 @@ public class RequestImplTest extends InternalBaseTestCase verify(); } + + @Test + public void request_secure_with_x_forwarded_proto() throws Exception + { + HttpServletRequest sr = mockHttpServletRequest(); + + expect(sr.isSecure()).andReturn(false); + expect(sr.getHeader(RequestImpl.X_FORWARDED_PROTO_HEADER)).andReturn("https"); + + replay(); + + Request request = new RequestImpl(sr, CHARSET, null); + + assertTrue(request.isSecure()); + + verify(); + } }
