[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] Jetty 12 return wrong Host header?
|
Issue opened:
https://github.com/eclipse/jetty.project/issues/10306
On 13-08-2023 01:31, Greg Wilkins via
jetty-users wrote:
Actually,
I think Uwe's and Silvio's problems are similar but
different.
Silvio, you have no forwarded request customizer headers
and a real "demo.jambo.software:8443" as the host header
value. This could be a http2 issue in recreating that header.
Uwe's issue is more about the customizer.
So Silvio, perhaps open a second issue?
cheers
P.S. We expect at least a monthly cadence of 12.0.x
releases.
Silvio,
I'll respond more in Uwe's issue. Please post your
details there to help the triage.
cheers
I opened: https://github.com/eclipse/jetty.project/issues/10304
Am 12.08.2023 um 19:30 schrieb Uwe Schindler via
jetty-users:
I have seen the same after upgrading my project to
Java 12. The problem is that all Customizers are not
able to correctly set the port number.
This is a blocker issue, because it makes it
impossible to setup this common setup:
- NGINX as user facing web server with HTTPS
enabled
- NGINX forwarding the requests to jetty listen
only on localhost with some arbitrary port number
(in my case 8081). NGINX sets the following
headers: X-Forwarded-For, X-Forwarded-Proto,
original "Host" header as sent by client (no
rewriting)
- Jetty with: http_config.addCustomizer(new
ForwardedRequestCustomizer());
- Jetty 10 works fine it reads the clien't IP
address and all other information from
X-Forwarded-For, the scheme is read from
X-Forwarded-Proto, and host header is coming from
"Host" header. It also extracts the port number
from the host.
- Jetty 12 is setup in same way, it successfully
extracts the client's IP address and also it
returns secure=true and uses "https://" for
javax.servlet.HttServletRequest#getRequestURL().
But it always adds its own private port number. I
also tried to use setForcedHost("xyz:443") to make
sure it sees a port number. It still constructs
all URLs with port number 8081 where it listens
on.
I will open a bug report. From my experience the
"customize()" method in the RequestCustomizer does
everything right also also returns the port number,
but the javax.servlet API seems to still use the
port number used by the connector's channel.
I reverted back to Jetty 10. This won't work here.
If you have any suggestion to get the port corrcet,
tell me, everything like subclassing and
implementing my own cutsomizer did not work. I was
not able to debug through everything and figure out
where the listener port gets injected again.
I can say: With current status Jetty 12 is
unuseable with the common proxy setup using
ForwardedRequestCustomizer as it tried to always
inject its own hidden/private port number instead of
the default for the port as negotiated by
client/proxy with the Host header.
--
Uwe Schindler
uschindler@xxxxxxxxxx
ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
--
--
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users