[jira] [Commented] (FELIX-5662) SSLFilterRequest returns the server port of the underlying request instead of the default port of the protocol.

Karl Pauls (JIRA) Tue, 04 Jul 2017 06:13:28 -0700

    [ 
https://issues.apache.org/jira/browse/FELIX-5662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16073645#comment-16073645
 ]


Karl Pauls commented on FELIX-5662:
-----------------------------------

After looking at the sslfilter, it appears that we only wrap the request in 
case of a https offload anyways - hence, it should be enough to hardcode the 
getServerPort() default to 443 (as we already the https protocol anyways). In 
other words, if we don't get a (parseable) X-Forwarded-Port header we fallback 
to returning 443 as the default port. 

[~cziegeler], unless you disagree, I'll go ahead and make that change as well 
as follow-up with a 1.2.2 release.

> SSLFilterRequest returns the server port of the underlying request instead of 
> the default port of the protocol.
> ---------------------------------------------------------------------------------------------------------------
>
>                 Key: FELIX-5662
>                 URL: https://issues.apache.org/jira/browse/FELIX-5662
>             Project: Felix
>          Issue Type: Bug
>          Components: HTTP Service
>    Affects Versions: http.sslfilter-1.2.0
>            Reporter: Karl Pauls
>            Assignee: Karl Pauls
>             Fix For: http.sslfilter-1.2.2
>
>
> FELIX-5259 made it so that the sslfilter request returns the underlying 
> requests getServerPort() if no X-Forwarded-Port header is present on a call 
> to getServerPort().
> The problem that it tries to address is that the sslfilter returned -1 from 
> getServerPort() when no X-Forwarded-Port header is set. As the javadoc does 
> say:
> {{int getServerPort()}}
> {{Returns the port number to which the request was sent. It is the value of 
> the part after ":" in the Host header value, if any, or the server port where 
> the client connection was accepted on.}}
> that is not allowed but the intention was correct namely, it should be the 
> default port for the forwarded protocol.
> However, the fix is wrong. It basically makes it so that if no 
> X-Forwarded-Port header is set the wrapped request will use the port of the 
> connection. That doesn't make sense. It should default to the default port of 
> the forwarded protocol (it just can't fall back to simply return -1 - it has 
> to figure out the correct default port).



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (FELIX-5662) SSLFilterRequest returns the server port of the underlying request instead of the default port of the protocol.

Reply via email to