[jira] [Commented] (FELIX-4196) If proxy or SSL Offloader already sends https urls the SSLFilter wil created a httpss URL

Mon, 19 Aug 2013 04:29:26 -0700 

    [ 
https://issues.apache.org/jira/browse/FELIX-4196?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13743737#comment-13743737
 ] 

Kris Barnhoorn commented on FELIX-4196:
---------------------------------------

Hi Felix,

Yes I think it's best to be sure no other part of the infrastructure or code 
has done the same.

What I mean with replace was something like 

String tmp = StringUtils.replace(super.getRequestURL(), "http://";, "https://);


We have now (to not add additional dependencies):

{code}
...
    public static final String HTTP = "http://";;

...
        if (this.requestURL == null && super.getRequestURL().indexOf(HTTP) == 
0) {
            // insert an 's' after the http scheme
            StringBuffer tmp = super.getRequestURL();
            tmp.insert(4, 's');
            this.requestURL = tmp.toString();
        }
...
{code}

Meanwhile we have discovered that it was another part (not investigated which) 
of an AEM 5.6.1 deployment that already checked on the X-Forwarded-SSL and 
changed to URL.
With the code above we are sure it doesn't get done twice.

Kind regards,
Kris.

                
> If proxy or SSL Offloader already sends https urls the SSLFilter wil created 
> a httpss URL
> -----------------------------------------------------------------------------------------
>
>                 Key: FELIX-4196
>                 URL: https://issues.apache.org/jira/browse/FELIX-4196
>             Project: Felix
>          Issue Type: Bug
>          Components: HTTP Service
>    Affects Versions: http-sslfilter-1.0.0
>            Reporter: Kris Barnhoorn
>
> Hi,
> If proxy or SSL Offloader already sends https urls the SSLFilter wil created 
> a httpss URL
> See code in 
> https://fisheye6.atlassian.com/browse/felix/trunk/http/sslfilter/src/main/java/org/apache/felix/http/sslfilter/internal/SslFilterRequest.java?r=1394715
> {code}
>    public StringBuffer getRequestURL()
>    {
>        if (this.requestURL == null) {
>            // insert an 's' after the http scheme
>            StringBuffer tmp = super.getRequestURL();
>            tmp.insert(4, 's');
>            this.requestURL = tmp.toString();
>        }
>  
>        return new StringBuffer(this.requestURL);
>    }
> {code}
> A replace of "http://"; to "https://"; will be less buggy.
> Furthermore an option to not rewrite from http to https would be good as in 
> some cases this is not desirable.
> Kind regards,
> Kris.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to