Author: markt
Date: Fri Jan 7 18:28:40 2011
New Revision: 1056445
URL: http://svn.apache.org/viewvc?rev=1056445&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50453
Correctly handle multiple X-Forwarded-For headers in RemoteIpValve
Patch provided by Jim Riggs
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1056445&r1=1056444&r2=1056445&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Fri Jan 7 18:28:40 2011
@@ -201,12 +201,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: fhanik - fix indentation
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50453
- Correct handle multiple X-Forwarded-For headers in RemoteIpValve
-
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?r1=1055482&r2=1055481&pathrev=1055482
- +1: markt, fhanik, funkman
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50550
Requests for a newly created directory using MKCOL should not result in a 404
http://svn.apache.org/viewvc?rev=1055975&view=rev
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?rev=1056445&r1=1056444&r2=1056445&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java Fri
Jan 7 18:28:40 2011
@@ -19,6 +19,7 @@ package org.apache.catalina.valves;
import java.io.IOException;
import java.util.ArrayList;
+import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
@@ -558,8 +559,17 @@ public class RemoteIpValve extends Valve
String remoteIp = null;
// In java 6, proxiesHeaderValue should be declared as a
java.util.Deque
LinkedList<String> proxiesHeaderValue = new LinkedList<String>();
+ StringBuffer concatRemoteIpHeaderValue = new StringBuffer();
- String[] remoteIpHeaderValue =
commaDelimitedListToStringArray(request.getHeader(remoteIpHeader));
+ for (Enumeration<String> e = request.getHeaders(remoteIpHeader);
e.hasMoreElements();) {
+ if (concatRemoteIpHeaderValue.length() > 0) {
+ concatRemoteIpHeaderValue.append(", ");
+ }
+
+ concatRemoteIpHeaderValue.append(e.nextElement());
+ }
+
+ String[] remoteIpHeaderValue =
commaDelimitedListToStringArray(concatRemoteIpHeaderValue.toString());
int idx;
// loop on remoteIpHeaderValue to find the first trusted remote ip
and to build the proxies chain
for (idx = remoteIpHeaderValue.length - 1; idx >= 0; idx--) {
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1056445&r1=1056444&r2=1056445&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Fri Jan 7 18:28:40 2011
@@ -185,6 +185,10 @@
exceptions. (markt)
</add>
<fix>
+ <bug>50453</bug>: Correctly handle multiple
<code>X-Forwarded-For</code>
+ headers in the RemoteIpValve. Patch provided by Jim Riggs. (markt)
+ </fix>
+ <fix>
<bug>50459</bug>: Fix thread/classloader binding issues in
StandardContext. (slaurent)
</fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
