-
Notifications
You must be signed in to change notification settings - Fork 41.5k
Closed
Description
Tomcat now supports the X-Forwarded-Host
header, per https://bz.apache.org/bugzilla/show_bug.cgi?id=57665 (as referenced in #5677).
It would be great to add support for this in order to enable a more complete support for X-Forwarded-* headers without needing to use the ForwardedHeaderFilter
, and to provide closer feature parity with what's available in RemoteIpValve
.
The current (Spring Boot 2.1.8.RELEASE) RemoteIpValve
configuration can be found here:
Lines 146 to 166 in b1ca1ae
private void customizeRemoteIpValve(ConfigurableTomcatWebServerFactory factory) { | |
Tomcat tomcatProperties = this.serverProperties.getTomcat(); | |
String protocolHeader = tomcatProperties.getProtocolHeader(); | |
String remoteIpHeader = tomcatProperties.getRemoteIpHeader(); | |
// For back compatibility the valve is also enabled if protocol-header is set | |
if (StringUtils.hasText(protocolHeader) || StringUtils.hasText(remoteIpHeader) | |
|| getOrDeduceUseForwardHeaders()) { | |
RemoteIpValve valve = new RemoteIpValve(); | |
valve.setProtocolHeader(StringUtils.hasLength(protocolHeader) ? protocolHeader : "X-Forwarded-Proto"); | |
if (StringUtils.hasLength(remoteIpHeader)) { | |
valve.setRemoteIpHeader(remoteIpHeader); | |
} | |
// The internal proxies default to a white list of "safe" internal IP | |
// addresses | |
valve.setInternalProxies(tomcatProperties.getInternalProxies()); | |
valve.setPortHeader(tomcatProperties.getPortHeader()); | |
valve.setProtocolHeaderHttpsValue(tomcatProperties.getProtocolHeaderHttpsValue()); | |
// ... so it's safe to add this valve by default. | |
factory.addEngineValves(valve); | |
} | |
} |
Metadata
Metadata
Assignees
Labels
type: enhancementA general enhancementA general enhancement