diff options
author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-08-18 11:37:13 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-09-02 09:48:02 +0200 |
commit | b8f194d62bfc6bc8e19c73cbd35ec3776f04129c (patch) | |
tree | bc0cd30d01b65ffc908e8303d315013a35374894 /container-core | |
parent | 36bead13fbbd0b3ce5c5a364b6f07ee1d3555b9b (diff) |
Fail independently of scheme
Diffstat (limited to 'container-core')
-rw-r--r-- | container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java index 3059f972ce9..ce949074bfa 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java @@ -32,7 +32,7 @@ class TlsClientAuthenticationEnforcer extends HandlerWrapper { @Override public void handle(String target, Request request, HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws IOException, ServletException { - if (isHttpsRequest(request) + if (isRequest(request) && !isRequestToWhitelistedBinding(request) && !isClientAuthenticated(servletRequest)) { servletResponse.sendError( @@ -55,8 +55,8 @@ class TlsClientAuthenticationEnforcer extends HandlerWrapper { return mapping; } - private boolean isHttpsRequest(Request request) { - return request.getDispatcherType() == DispatcherType.REQUEST && request.getScheme().equalsIgnoreCase("https"); + private boolean isRequest(Request request) { + return request.getDispatcherType() == DispatcherType.REQUEST; } private boolean isRequestToWhitelistedBinding(Request jettyRequest) { |