0001-WT-9591-make-Http-Request-urlScheme-look-at-X-Forwar.patch - Wt - Redmine

Bug #9591 » 0001-WT-9591-make-Http-Request-urlScheme-look-at-X-Forwar.patch

Proposed patch - Roel Standaert, 01/10/2022 06:49 PM

     the way you build Wt, the way you configure Wt or the Wt API and
     behaviour.
     <h2>Release 4.7.0 (March 2022)</h2>
     <ul>
       <li>
         <a href="https://redmine.webtoolkit.eu/issues/9591" target="_blank">Issue #9591</a>:
         <a href="https://www.webtoolkit.eu/wt/doc/reference/html/classWt_1_1Http_1_1Request.html#a970b7d266c6bead893ec6334520807bf">
           Http::Request::urlScheme()
         </a> now looks at <code>X-Forwarded-Proto</code> if Wt is behind a trusted reverse proxy.
       </li>
     </ul>
     <h2>Release 4.6.1 (December 23, 2021)</h2>
     <p>

src/Wt/Http/Request.C
169	169
170	170	std::string Request::urlScheme() const
171	171	{
172		return request_ ? request_->urlScheme() : std::string();
	172	if (!request_)
	173	return std::string();
	174
	175	WServer *server = WServer::instance();
	176	return request_->urlScheme(server->configuration());
173	177	}
174	178
175	179	std::string Request::headerValue(const std::string& field) const

       /*! \brief Returns the url scheme used.
+       *
        * This is either <tt>"http"</tt> or <tt>"https"</tt>
+       *
        * If we're behind a trusted reverse proxy, the value of X-Forwarded-Proto
        * will be used if it is present.
        */
       std::string urlScheme() const;

     void WEnvironment::updateUrlScheme(const WebRequest& request)
+    {
       urlScheme_       = str(request.urlScheme());
       Configuration& conf = session_->controller()->configuration();
       if (conf.behindReverseProxy() ||
           conf.isTrustedProxy(request.remoteAddr())) {
         std::string forwardedProto = str(request.headerValue("X-Forwarded-Proto"));
         if (!forwardedProto.empty()) {
           std::string::size_type i = forwardedProto.rfind(',');
           if (i == std::string::npos)
             urlScheme_ = forwardedProto;
           else
             urlScheme_ = forwardedProto.substr(i+1);
+        }
+      }
       urlScheme_ = request.urlScheme(conf);
+    }

       return host;
+    }
     std::string WebRequest::urlScheme(const Configuration &conf) const
+    {
       if (conf.behindReverseProxy() ||
           conf.isTrustedProxy(remoteAddr())) {
         std::string forwardedProto = str(headerValue("X-Forwarded-Proto"));
         if (!forwardedProto.empty()) {
           std::string::size_type i = forwardedProto.rfind(',');
           if (i == std::string::npos)
             return forwardedProto;
           else
             return forwardedProto.substr(i+1);
+        }
+      }
       return urlScheme();
+    }
+    }

       std::string hostName(const Configuration & conf) const;
       std::string urlScheme(const Configuration & conf) const;
     protected:
       const EntryPoint *entryPoint_;
+    -

(1-1/1)