Jeff Storck created NIFI-4586:
---------------------------------
Summary: Wrong URI can be created by ApplicationResource when
X-Proxy and X-Forwarded headers exist in the request
Key: NIFI-4586
URL: https://issues.apache.org/jira/browse/NIFI-4586
Project: Apache NiFi
Issue Type: Bug
Components: Core Framework
Affects Versions: 1.4.0
Reporter: Jeff Storck
Priority: Critical
While testing support for Knox proxying to a secure NiFi cluster, I was unable
to modify/move components after creating them. This is being caused by
behavior in ApplicationResource#generateResourceUri, which attempts to get the
first header value in the request between the X-Proxy* and X-Forwarded* headers.
If the request has both sets of headers, the code will prioritize the X-Proxy*
headers, and will generate the URI with those values. Since Knox sets the
X-Forwarded* headers, if the X-Proxy* headers are on the request, the headers
supplied by Knox will be ignored.
The NiFi UI will then attempt to access the URI generated with the X-Proxied*
header values.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
