diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-10-08 11:51:57 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-10-08 11:51:57 +0200 |
commit | 37ee81bcb2a3eede4cdf1f162e489999a8a75efd (patch) | |
tree | 9d4efee01bcc4f2aeff9266f56e3cf4fb6eee6d1 /jdisc_http_service | |
parent | 8ddecf071e1d23f985649bb1029c802c6045de6e (diff) |
Use 'X-Forwarded-Port' as preferred source for remote port
Diffstat (limited to 'jdisc_http_service')
2 files changed, 16 insertions, 1 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java index 1d3edc1240e..2758331181b 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java @@ -31,6 +31,7 @@ public class AccessLogRequestLog extends AbstractLifeCycle implements RequestLog // TODO These hardcoded headers should be provided by config instead private static final String HEADER_NAME_X_FORWARDED_FOR = "x-forwarded-for"; + private static final String HEADER_NAME_X_FORWARDED_PORT = "X-Forwarded-Port"; private static final String HEADER_NAME_Y_RA = "y-ra"; private static final String HEADER_NAME_Y_RP = "y-rp"; private static final String HEADER_NAME_YAHOOREMOTEIP = "yahooremoteip"; @@ -127,7 +128,8 @@ public class AccessLogRequestLog extends AbstractLifeCycle implements RequestLog } private static int getRemotePort(final HttpServletRequest request) { - return Optional.ofNullable(request.getHeader(HEADER_NAME_Y_RP)) + return Optional.ofNullable(request.getHeader(HEADER_NAME_X_FORWARDED_PORT)) + .or(() -> Optional.ofNullable(request.getHeader(HEADER_NAME_Y_RP))) .map(Integer::valueOf) .orElseGet(request::getRemotePort); } diff --git a/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLogTest.java b/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLogTest.java index 3a605040742..580533be4c3 100644 --- a/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLogTest.java +++ b/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLogTest.java @@ -82,6 +82,19 @@ public class AccessLogRequestLogTest { assertThat(accessLogEntry.getRemoteAddress(), is("1.2.3.4")); } + @Test + public void verify_x_forwarded_port_precedence () { + AccessLogEntry accessLogEntry = new AccessLogEntry(); + Request jettyRequest = createRequestMock(accessLogEntry); + when(jettyRequest.getRequestURI()).thenReturn("//search/"); + when(jettyRequest.getQueryString()).thenReturn("q=%%2"); + when(jettyRequest.getHeader("X-Forwarded-Port")).thenReturn("80"); + when(jettyRequest.getHeader("y-rp")).thenReturn("8080"); + + new AccessLogRequestLog(mock(AccessLog.class)).log(jettyRequest, createResponseMock()); + assertThat(accessLogEntry.getRemotePort(), is(80)); + } + private static Request createRequestMock(AccessLogEntry entry) { Request request = mock(Request.class); when(request.getAttribute(JDiscHttpServlet.ATTRIBUTE_NAME_ACCESS_LOG_ENTRY)).thenReturn(entry); |