https://bz.apache.org/bugzilla/show_bug.cgi?id=57711
Bug ID: 57711
Summary: Add support for X-Forwarded-Host in RemoteIPValve
Product: Tomcat 7
Version: 7.0.59
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: slaur...@apache.org
Tomcat should support the X-Forwarded-Host http header in order for
applications to be able to output absolute URLs in their response without
requiring any reverse-proxy to perform response body rewriting.
Here is my motivation :
Until recently, I was using a reverse proxy (apache httpd) in front of tomcat
and forwarding requests to tomcat on http. I was using ProxyPreserveHost=On so
that the Host: header coming in tomcat was the actual host used by clients and
thus request.getRequestURL() returned the URL from the initial client point of
view.
Then recently for various reasons I had to setup 2 reverse proxies in chain in
front of tomcat. Because SSL is used between the two reverse proxies, the
ProxyPreserveHost=On trick no longer works.
Indeed, it would require the second reverse proxy to also have a certificate
matching the first reverse proxy which is not very practical. A request for
enhancement has been proposed to httpd [1] but it's still open since 2013...
Back in 2011, this discussion [2] proposed to add support for X-Forwarded-Host
header to tomcat and markt seemed to agree on it.
I'll try to work on a patch to RemoteIPValve in the next weeks...
[1] https://bz.apache.org/bugzilla/show_bug.cgi?id=54656
[2] http://tomcat.10.x6.nabble.com/RemoteIpValve-advices-td2192230.html
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
