[
https://issues.apache.org/jira/browse/CMIS-500?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13203951#comment-13203951
]
Florian Müller commented on CMIS-500:
-------------------------------------
These headers are easy to spoof and could become a security issue. That's why I
went for a different implementation. The web.xml now contains a parameter that
defines IP addresses of trusted proxies. The X-Forwarded headers are only
evaluated if the request went through such a trusted proxy.
Please let us know if that works for you.
> AtomPubUtils: Take the X-Forwarded-Host and X-Forwarded-Proto request headers
> into account when calculating the baseUrl
> -----------------------------------------------------------------------------------------------------------------------
>
> Key: CMIS-500
> URL: https://issues.apache.org/jira/browse/CMIS-500
> Project: Chemistry
> Issue Type: Improvement
> Components: opencmis-server
> Affects Versions: OpenCMIS 0.7.0
> Reporter: Gert Dewit
> Assignee: Florian Müller
> Labels: patch
> Attachments: XForwardedHeaders.patch
>
>
> When the OpenCMIS server is deployed behind a reverse proxy, the service
> document doesn't return the correct URLs.
> If it takes the X-Forwarded-Host and X-Forwarded-Proto request headers into
> account when calculating the baseUrl the URLs are correct.
> A patch against revision 1241367 is attached.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
