Package org.eclipse.jetty.server

Class ForwardedRequestCustomizer

  • All Implemented Interfaces:
    HttpConfiguration.Customizer
    public class ForwardedRequestCustomizer
extends Object
implements HttpConfiguration.Customizer
    Customize Requests for Proxy Forwarding.

    This customizer looks at at HTTP request for headers that indicate it has been forwarded by one or more proxies. Specifically handled are

    • Forwarded, as defined by rfc7239
    • X-Forwarded-Host
    • X-Forwarded-Server
    • X-Forwarded-For
    • X-Forwarded-Proto
    • X-Proxied-Https

    If these headers are present, then the Request object is updated so that the proxy is not seen as the other end point of the connection on which the request came

    Headers can also be defined so that forwarded SSL Session IDs and Cipher suites may be customised

    See Also:
    Wikipedia: X-Forwarded-For

    • Constructor Detail

      • ForwardedRequestCustomizer

        public ForwardedRequestCustomizer()

    • Method Detail

      • getProxyAsAuthority

        public boolean getProxyAsAuthority()
        Returns:
        true if the proxy address obtained via X-Forwarded-Server or RFC7239 "by" is used as the request authority. Default false

      • setProxyAsAuthority

        public void setProxyAsAuthority​(boolean proxyAsAuthority)
        Parameters:
        proxyAsAuthority - if true, use the proxy address obtained via X-Forwarded-Server or RFC7239 "by" as the request authority.

      • setForwardedOnly

        public void setForwardedOnly​(boolean rfc7239only)
        Parameters:
        rfc7239only - Configure to only support the RFC7239 Forwarded header and to not support any X-Forwarded- headers. This convenience method clears all the non RFC headers if passed true and sets them to the default values (if not already set) if passed false.

      • getForcedHost

        public String getForcedHost()

      • getForwardedHeader

        public String getForwardedHeader()
        Returns:
        The header name for RFC forwarded (default Forwarded)

      • setForwardedHeader

        public void setForwardedHeader​(String forwardedHeader)
        Parameters:
        forwardedHeader - The header name for RFC forwarded (default Forwarded)

      • getForwardedHostHeader

        public String getForwardedHostHeader()

      • setForwardedHostHeader

        public void setForwardedHostHeader​(String forwardedHostHeader)
        Parameters:
        forwardedHostHeader - The header name for forwarded hosts (default X-Forwarded-Host)

      • getForwardedServerHeader

        public String getForwardedServerHeader()
        Returns:
        the header name for forwarded server.

      • setForwardedServerHeader

        public void setForwardedServerHeader​(String forwardedServerHeader)
        Parameters:
        forwardedServerHeader - The header name for forwarded server (default X-Forwarded-Server)

      • getForwardedForHeader

        public String getForwardedForHeader()
        Returns:
        the forwarded for header

      • setForwardedForHeader

        public void setForwardedForHeader​(String forwardedRemoteAddressHeader)
        Parameters:
        forwardedRemoteAddressHeader - The header name for forwarded for (default X-Forwarded-For)

      • getForwardedProtoHeader

        public String getForwardedProtoHeader()
        Get the forwardedProtoHeader.
        Returns:
        the forwardedProtoHeader (default X-Forwarded-Proto)

      • setForwardedProtoHeader

        public void setForwardedProtoHeader​(String forwardedProtoHeader)
        Set the forwardedProtoHeader.
        Parameters:
        forwardedProtoHeader - the forwardedProtoHeader to set (default X-Forwarded-Proto)

      • getForwardedCipherSuiteHeader

        public String getForwardedCipherSuiteHeader()
        Returns:
        The header name holding a forwarded cipher suite (default Proxy-auth-cert)

      • setForwardedCipherSuiteHeader

        public void setForwardedCipherSuiteHeader​(String forwardedCipherSuite)
        Parameters:
        forwardedCipherSuite - The header name holding a forwarded cipher suite (default Proxy-auth-cert)

      • getForwardedSslSessionIdHeader

        public String getForwardedSslSessionIdHeader()
        Returns:
        The header name holding a forwarded SSL Session ID (default Proxy-ssl-id)

      • setForwardedSslSessionIdHeader

        public void setForwardedSslSessionIdHeader​(String forwardedSslSessionId)
        Parameters:
        forwardedSslSessionId - The header name holding a forwarded SSL Session ID (default Proxy-ssl-id)

      • getForwardedHttpsHeader

        public String getForwardedHttpsHeader()
        Returns:
        The header name holding a forwarded Https status indicator (on|off true|false) (default X-Proxied-Https)

      • setForwardedHttpsHeader

        public void setForwardedHttpsHeader​(String forwardedHttpsHeader)
        Parameters:
        forwardedHttpsHeader - the header name holding a forwarded Https status indicator(default X-Proxied-Https)

      • isSslIsSecure

        public boolean isSslIsSecure()
        Returns:
        true if the presence of a SSL session or certificate header is sufficient to indicate a secure request (default is true)

      • setSslIsSecure

        public void setSslIsSecure​(boolean sslIsSecure)
        Parameters:
        sslIsSecure - true if the presence of a SSL session or certificate header is sufficient to indicate a secure request (default is true)

      • getLeftMost

        protected String getLeftMost​(String headerValue)