Bug #9591 ยป 0001-WT-9591-make-Http-Request-urlScheme-look-at-X-Forwar.patch
ReleaseNotes.html | ||
---|---|---|
20 | 20 |
the way you build Wt, the way you configure Wt or the Wt API and |
21 | 21 |
behaviour. |
22 | 22 | |
23 |
<h2>Release 4.7.0 (March 2022)</h2> |
|
24 | ||
25 |
<ul> |
|
26 |
<li> |
|
27 |
<a href="https://redmine.webtoolkit.eu/issues/9591" target="_blank">Issue #9591</a>: |
|
28 |
<a href="https://www.webtoolkit.eu/wt/doc/reference/html/classWt_1_1Http_1_1Request.html#a970b7d266c6bead893ec6334520807bf"> |
|
29 |
Http::Request::urlScheme() |
|
30 |
</a> now looks at <code>X-Forwarded-Proto</code> if Wt is behind a trusted reverse proxy. |
|
31 |
</li> |
|
32 |
</ul> |
|
33 | ||
23 | 34 |
<h2>Release 4.6.1 (December 23, 2021)</h2> |
24 | 35 | |
25 | 36 |
<p> |
src/Wt/Http/Request.C | ||
---|---|---|
169 | 169 | |
170 | 170 |
std::string Request::urlScheme() const |
171 | 171 |
{ |
172 |
return request_ ? request_->urlScheme() : std::string(); |
|
172 |
if (!request_) |
|
173 |
return std::string(); |
|
174 | ||
175 |
WServer *server = WServer::instance(); |
|
176 |
return request_->urlScheme(server->configuration()); |
|
173 | 177 |
} |
174 | 178 | |
175 | 179 |
std::string Request::headerValue(const std::string& field) const |
src/Wt/Http/Request.h | ||
---|---|---|
296 | 296 |
/*! \brief Returns the url scheme used. |
297 | 297 |
* |
298 | 298 |
* This is either <tt>"http"</tt> or <tt>"https"</tt> |
299 |
* |
|
300 |
* If we're behind a trusted reverse proxy, the value of X-Forwarded-Proto |
|
301 |
* will be used if it is present. |
|
299 | 302 |
*/ |
300 | 303 |
std::string urlScheme() const; |
301 | 304 |
src/Wt/WEnvironment.C | ||
---|---|---|
95 | 95 | |
96 | 96 |
void WEnvironment::updateUrlScheme(const WebRequest& request) |
97 | 97 |
{ |
98 |
urlScheme_ = str(request.urlScheme()); |
|
99 | ||
100 | 98 |
Configuration& conf = session_->controller()->configuration(); |
101 | 99 | |
102 |
if (conf.behindReverseProxy() || |
|
103 |
conf.isTrustedProxy(request.remoteAddr())) { |
|
104 |
std::string forwardedProto = str(request.headerValue("X-Forwarded-Proto")); |
|
105 |
if (!forwardedProto.empty()) { |
|
106 |
std::string::size_type i = forwardedProto.rfind(','); |
|
107 |
if (i == std::string::npos) |
|
108 |
urlScheme_ = forwardedProto; |
|
109 |
else |
|
110 |
urlScheme_ = forwardedProto.substr(i+1); |
|
111 |
} |
|
112 |
} |
|
100 |
urlScheme_ = request.urlScheme(conf); |
|
113 | 101 |
} |
114 | 102 | |
115 | 103 |
src/web/WebRequest.C | ||
---|---|---|
443 | 443 |
return host; |
444 | 444 |
} |
445 | 445 | |
446 |
std::string WebRequest::urlScheme(const Configuration &conf) const |
|
447 |
{ |
|
448 |
if (conf.behindReverseProxy() || |
|
449 |
conf.isTrustedProxy(remoteAddr())) { |
|
450 |
std::string forwardedProto = str(headerValue("X-Forwarded-Proto")); |
|
451 |
if (!forwardedProto.empty()) { |
|
452 |
std::string::size_type i = forwardedProto.rfind(','); |
|
453 |
if (i == std::string::npos) |
|
454 |
return forwardedProto; |
|
455 |
else |
|
456 |
return forwardedProto.substr(i+1); |
|
457 |
} |
|
458 |
} |
|
459 | ||
460 |
return urlScheme(); |
|
461 |
} |
|
462 | ||
446 | 463 |
} |
src/web/WebRequest.h | ||
---|---|---|
202 | 202 | |
203 | 203 |
std::string hostName(const Configuration & conf) const; |
204 | 204 | |
205 |
std::string urlScheme(const Configuration & conf) const; |
|
206 | ||
205 | 207 |
protected: |
206 | 208 |
const EntryPoint *entryPoint_; |
207 | 209 | |
208 |
- |