1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

* lib/webrick/httprequest.rb (setup_forwarded_info): Parsing request

Browse Source 
header failed when the request is from 2 or more Apache reverse 
  proxies. It's said that all X-Forwarded-* headers will contain more
  than one (comma-separated) value if the original request already
  contained one of these headers.  Since we could use these values as
  Host header, we choose the initial(first) value. See #4922.

* test/webrick/test_httprequest.rb (test_forwarded): Test it.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32222 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nahi 2011-06-24 11:05:59 +00:00
parent 706335aa0b
commit 635d13a8b7
3 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ChangeLog
View File

@ -1,3 +1,14 @@
Fri Jun 24 19:57:30 2011 Hiroshi Nakamura <nahi@ruby-lang.org>
* lib/webrick/httprequest.rb (setup_forwarded_info): Parsing request
header failed when the request is from 2 or more Apache reverse
proxies. It's said that all X-Forwarded-* headers will contain more
than one (comma-separated) value if the original request already
contained one of these headers. Since we could use these values as
Host header, we choose the initial(first) value. See #4922.
* test/webrick/test_httprequest.rb (test_forwarded): Test it.
Fri Jun 24 17:06:33 2011 Nobuyoshi Nakada <nobu@ruby-lang.org> Fri Jun 24 17:06:33 2011 Nobuyoshi Nakada <nobu@ruby-lang.org>
* process.c (proc_daemon): should not start timer thread * process.c (proc_daemon): should not start timer thread

10
lib/webrick/httprequest.rb
View File

@ -434,10 +434,18 @@ module WEBrick
^(::ffff:)?(10|172\.(1[6-9]|2[0-9]|3[01])|192\.168)\. ^(::ffff:)?(10|172\.(1[6-9]|2[0-9]|3[01])|192\.168)\.
/ixo /ixo
# It's said that all X-Forwarded-* headers will contain more than one
# (comma-separated) value if the original request already contained one of
# these headers. Since we could use these values as Host header, we choose
# the initial(first) value. (apr_table_mergen() adds new value after the
# existing value with ", " prefix)
def setup_forwarded_info def setup_forwarded_info
@forwarded_server = self["x-forwarded-server"] if @forwarded_server = self["x-forwarded-server"]
@forwarded_server = @forwarded_server.split(",", 2).first
end
@forwarded_proto = self["x-forwarded-proto"] @forwarded_proto = self["x-forwarded-proto"]
if host_port = self["x-forwarded-host"] if host_port = self["x-forwarded-host"]
host_port = host_port.split(",", 2).first
@forwarded_host, tmp = host_port.split(":", 2) @forwarded_host, tmp = host_port.split(":", 2)
@forwarded_port = (tmp || (@forwarded_proto == "https" ? 443 : 80)).to_i @forwarded_port = (tmp || (@forwarded_proto == "https" ? 443 : 80)).to_i
end end

22
test/webrick/test_httprequest.rb
View File

@ -303,6 +303,28 @@ class TestWEBrickHTTPRequest < Test::Unit::TestCase
assert_equal(443, req.port) assert_equal(443, req.port)
assert_equal("234.234.234.234", req.remote_ip) assert_equal("234.234.234.234", req.remote_ip)
assert(req.ssl?) assert(req.ssl?)
msg = <<-_end_of_message_
GET /foo HTTP/1.1
Host: localhost:10080
Client-IP: 234.234.234.234
X-Forwarded-Proto: https
X-Forwarded-For: 192.168.1.10
X-Forwarded-Host: forward1.example.com:1234, forward2.example.com:5678
X-Forwarded-Server: server1.example.com, server2.example.com
X-Requested-With: XMLHttpRequest
Connection: Keep-Alive
_end_of_message_
msg.gsub!(/^ {6}/, "")
req = WEBrick::HTTPRequest.new(WEBrick::Config::HTTP)
req.parse(StringIO.new(msg))
assert_equal("server1.example.com", req.server_name)
assert_equal("https://forward1.example.com:1234/foo", req.request_uri.to_s)
assert_equal("forward1.example.com", req.host)
assert_equal(1234, req.port)
assert_equal("234.234.234.234", req.remote_ip)
assert(req.ssl?)
end end
def test_continue_sent def test_continue_sent