Hi,
I have seen the same after upgrading my project to Java 12. The problem
is that all Customizers are not able to correctly set the port number.
This is a blocker issue, because it makes it impossible to setup this
common setup:
* NGINX as user facing web server with HTTPS enabled
* NGINX forwarding the requests to jetty listen only on localhost with
some arbitrary port number (in my case 8081). NGINX sets the
following headers: X-Forwarded-For, X-Forwarded-Proto, original
"Host" header as sent by client (no rewriting)
* Jetty with: http_config.addCustomizer(new ForwardedRequestCustomizer());
* Jetty 10 works fine it reads the clien't IP address and all other
information from X-Forwarded-For, the scheme is read from
X-Forwarded-Proto, and host header is coming from "Host" header. It
also extracts the port number from the host.
* Jetty 12 is setup in same way, it successfully extracts the client's
IP address and also it returns secure=true and uses "https://" for
javax.servlet.HttServletRequest#getRequestURL(). But it always adds
its own private port number. I also tried to use
setForcedHost("xyz:443") to make sure it sees a port number. It
still constructs all URLs with port number 8081 where it listens on.
I will open a bug report. From my experience the "customize()" method in
the RequestCustomizer does everything right also also returns the port
number, but the javax.servlet API seems to still use the port number
used by the connector's channel.
I reverted back to Jetty 10. This won't work here. If you have any
suggestion to get the port corrcet, tell me, everything like subclassing
and implementing my own cutsomizer did not work. I was not able to debug
through everything and figure out where the listener port gets injected
again.
I can say: With current status Jetty 12 is unuseable with the common
proxy setup using ForwardedRequestCustomizer as it tried to always
inject its own hidden/private port number instead of the default for the
port as negotiated by client/proxy with the Host header.
Uwe
Am 11.08.2023 um 13:50 schrieb Silvio Bierman via jetty-users:
Additional info:
I now remember this came up in the past with the introduction of Jetty
10 (I think, could be 9) and this could be resolved with
httpConfig.addCustomizer(new HostHeaderCustomizer)
This is still in my embedding code. I have tried both with and without
the customizer but the behavour is the same.
On 11-08-2023 13:34, Silvio Bierman via jetty-users wrote:
Hello all,
I have encountered what I think is a bug in Jetty 12 but I would like
to check here if that is actually true.
I use port forwarding to forward HTTP requests from port 443 to 8443.
Requests arrive at the default port without an explicit port number
in the URL so
request.getRequestURL().toString
does not show a port number. But
request.getHeader("Host")
returns the host name including the port number. This makes it
impossible to distinguish requests with explicit ports from requests
without these. Jetty 11 does not show this same behaviour.
Cheers,
Silvio
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
--
Uwe Schindler
uschind...@apache.org
ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users