Author: markt
Date: Fri Jun 1 16:51:48 2018
New Revision: 1832707
URL: http://svn.apache.org/viewvc?rev=1832707&view=rev
Log:
Add the IPv6 loopback address to the default internalProxies regular expression.
Patch by Craig Andrews.
This closes #111
Modified:
tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/filter.xml
tomcat/trunk/webapps/docs/config/valve.xml
Modified: tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java?rev=1832707&r1=1832706&r2=1832707&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java Fri Jun
1 16:51:48 2018
@@ -113,9 +113,10 @@ import org.apache.juli.logging.LogFactor
* <td>10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|
* 169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|
* 172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|
- * 172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
+ * 172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}|
+ * 0:0:0:0:0:0:0:1
* <br>
- * By default, 10/8, 192.168/16, 169.254/16, 127/8 and 172.16/12 are
allowed.</td>
+ * By default, 10/8, 192.168/16, 169.254/16, 127/8, 172.16/12, and
0:0:0:0:0:0:0:1 are allowed.</td>
* </tr>
* <tr>
* <td>proxiesHeader</td>
@@ -724,7 +725,8 @@ public class RemoteIpFilter extends Gene
"127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|" +
"172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}|" +
"172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}|" +
- "172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}");
+ "172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}|" +
+ "0:0:0:0:0:0:0:1");
/**
* @see #setProtocolHeader(String)
@@ -1041,7 +1043,7 @@ public class RemoteIpFilter extends Gene
* Regular expression that defines the internal proxies.
* </p>
* <p>
- * Default value :
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
+ * Default value :
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|0:0:0:0:0:0:0:1
* </p>
* @param internalProxies The regexp
*/
Modified: tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?rev=1832707&r1=1832706&r2=1832707&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java (original)
+++ tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java Fri Jun 1
16:51:48 2018
@@ -92,9 +92,10 @@ import org.apache.tomcat.util.http.MimeH
* <td>10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|
* 169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|
* 172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|
- * 172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
+ * 172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}|
+ * 0:0:0:0:0:0:0:1
* <br>
- * By default, 10/8, 192.168/16, 169.254/16, 127/8 and 172.16/12 are
allowed.</td>
+ * By default, 10/8, 192.168/16, 169.254/16, 127/8, 172.16/12, and ::1 are
allowed.</td>
* </tr>
* <tr>
* <td>proxiesHeader</td>
@@ -412,7 +413,8 @@ public class RemoteIpValve extends Valve
"127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|" +
"172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}|" +
"172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}|" +
- "172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}");
+ "172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}|" +
+ "0:0:0:0:0:0:0:1");
/**
* @see #setProtocolHeader(String)
@@ -754,7 +756,7 @@ public class RemoteIpValve extends Valve
* Regular expression that defines the internal proxies.
* </p>
* <p>
- * Default value :
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
+ * Default value :
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|0:0:0:0:0:0:0:1
* </p>
* @param internalProxies The proxy regular expression
*/
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1832707&r1=1832706&r2=1832707&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Jun 1 16:51:48 2018
@@ -132,6 +132,11 @@
becoming associated with a web application class loader causing log
messages to be lost if the web application is stopped. (markt)
</fix>
+ <add>
+ <bug>62389</bug>: Add the IPv6 loopback address to the default
+ <code>internalProxies</code> regular expression. Patch by Craig
Andrews.
+ (markt)
+ </add>
</changelog>
</subsection>
<subsection name="Coyote">
Modified: tomcat/trunk/webapps/docs/config/filter.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1832707&r1=1832706&r2=1832707&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/filter.xml (original)
+++ tomcat/trunk/webapps/docs/config/filter.xml Fri Jun 1 16:51:48 2018
@@ -1554,7 +1554,7 @@ FINE: Request "/docs/config/manager.html
Internal proxies that appear in the <strong>remoteIpHeader</strong>
will
be trusted and will not appear in the <strong>proxiesHeader</strong>
value. If not specified the default value of <code>
-
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
+
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}|0:0:0:0:0:0:0:1
</code> will be used.</p>
</attribute>
Modified: tomcat/trunk/webapps/docs/config/valve.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/valve.xml?rev=1832707&r1=1832706&r2=1832707&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/valve.xml (original)
+++ tomcat/trunk/webapps/docs/config/valve.xml Fri Jun 1 16:51:48 2018
@@ -964,7 +964,7 @@
Internal proxies that appear in the <strong>remoteIpHeader</strong>
will
be trusted and will not appear in the <strong>proxiesHeader</strong>
value. If not specified the default value of <code>
-
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
+
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}|0:0:0:0:0:0:0:1
</code> will be used.</p>
</attribute>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
