This is an automated email from the ASF dual-hosted git repository.
papegaaij pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 84f62a5 Do not try to resolve X-Forwarded-For header
84f62a5 is described below
commit 84f62a5cff462eaa3bfaf171b0638c7e7feea30d
Author: Emond Papegaaij <emond.papega...@topicus.nl>
AuthorDate: Fri Mar 5 13:28:15 2021 +0100
Do not try to resolve X-Forwarded-For header
The remote address is reported by HttpServletRequest. Configuration of
this property is normally done via the application server. If this is
somehow not possible, use XForwardedRequestWrapperFactory.
---
.../protocol/http/request/WebClientInfo.java | 40 +++-------------------
1 file changed, 4 insertions(+), 36 deletions(-)
diff --git
a/wicket-core/src/main/java/org/apache/wicket/protocol/http/request/WebClientInfo.java
b/wicket-core/src/main/java/org/apache/wicket/protocol/http/request/WebClientInfo.java
index b5d0544..d8e552c 100644
---
a/wicket-core/src/main/java/org/apache/wicket/protocol/http/request/WebClientInfo.java
+++
b/wicket-core/src/main/java/org/apache/wicket/protocol/http/request/WebClientInfo.java
@@ -140,48 +140,16 @@ public class WebClientInfo extends ClientInfo
}
/**
- * When using ProxyPass, requestCycle().getHttpServletRequest().
getRemoteAddr() returns the IP
- * of the machine forwarding the request. In order to maintain the
clients ip address, the
- * server places it in the <a
- *
href="http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#x-headers";>X-Forwarded-For</a>
- * Header.
- *
- * Proxies may also mask the original client IP with tokens like
"hidden" or "unknown".
- * If so, the last proxy ip address is returned.
+ * Returns the IP address from {@code
HttpServletRequest.getRemoteAddr()}.
*
* @param requestCycle
* the request cycle
- * @return remoteAddr IP address of the client, using the
X-Forwarded-For header and defaulting
- * to: getHttpServletRequest().getRemoteAddr()
+ * @return remoteAddr IP address of the client, using
+ * {@code getHttpServletRequest().getRemoteAddr()}
*/
protected String getRemoteAddr(RequestCycle requestCycle)
{
ServletWebRequest request =
(ServletWebRequest)requestCycle.getRequest();
- HttpServletRequest req = request.getContainerRequest();
- String remoteAddr = request.getHeader("X-Forwarded-For");
-
- if (remoteAddr != null)
- {
- if (remoteAddr.contains(","))
- {
- // sometimes the header is of form client
ip,proxy 1 ip,proxy 2 ip,...,proxy n ip,
- // we just want the client
- remoteAddr = Strings.split(remoteAddr,
',')[0].trim();
- }
- try
- {
- // If ip4/6 address string handed over, simply
does pattern validation.
- InetAddress.getByName(remoteAddr);
- }
- catch (UnknownHostException e)
- {
- remoteAddr = req.getRemoteAddr();
- }
- }
- else
- {
- remoteAddr = req.getRemoteAddr();
- }
- return remoteAddr;
+ return request.getContainerRequest().getRemoteAddr();
}
}
