diff options
author | yugui <yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-08-07 10:02:43 +0000 |
---|---|---|
committer | yugui <yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-08-07 10:02:43 +0000 |
commit | 87d9bb7765e35f78067b5afca574f393ddebf083 (patch) | |
tree | dc97413c04a3244e4ccf66004340229fc6f9e11d | |
parent | 593230383931ccf75cc4d969af03686d59cc305e (diff) |
merges r32222 from trunk into ruby_1_9_2.
--
* lib/webrick/httprequest.rb (setup_forwarded_info): Parsing request
header failed when the request is from 2 or more Apache reverse
proxies. It's said that all X-Forwarded-* headers will contain more
than one (comma-separated) value if the original request already
contained one of these headers. Since we could use these values as
Host header, we choose the initial(first) value. See #4922.
* test/webrick/test_httprequest.rb (test_forwarded): Test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32879 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | lib/webrick/httprequest.rb | 10 | ||||
-rw-r--r-- | test/webrick/test_httprequest.rb | 22 | ||||
-rw-r--r-- | version.h | 8 |
4 files changed, 46 insertions, 5 deletions
@@ -1,3 +1,14 @@ +Fri Jun 24 19:57:30 2011 Hiroshi Nakamura <nahi@ruby-lang.org> + + * lib/webrick/httprequest.rb (setup_forwarded_info): Parsing request + header failed when the request is from 2 or more Apache reverse + proxies. It's said that all X-Forwarded-* headers will contain more + than one (comma-separated) value if the original request already + contained one of these headers. Since we could use these values as + Host header, we choose the initial(first) value. See #4922. + + * test/webrick/test_httprequest.rb (test_forwarded): Test it. + Sat Jul 9 19:25:02 2011 Yuki Sonoda (Yugui) <yugui@yugui.jp> * ext/tk/extconf.rb: I gave up to fix the build issue of ext/tk with Windows diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb index d6cd7d9776..96f97340ae 100644 --- a/lib/webrick/httprequest.rb +++ b/lib/webrick/httprequest.rb @@ -385,10 +385,18 @@ module WEBrick ^(::ffff:)?(10|172\.(1[6-9]|2[0-9]|3[01])|192\.168)\. /ixo + # It's said that all X-Forwarded-* headers will contain more than one + # (comma-separated) value if the original request already contained one of + # these headers. Since we could use these values as Host header, we choose + # the initial(first) value. (apr_table_mergen() adds new value after the + # existing value with ", " prefix) def setup_forwarded_info - @forwarded_server = self["x-forwarded-server"] + if @forwarded_server = self["x-forwarded-server"] + @forwarded_server = @forwarded_server.split(",", 2).first + end @forwarded_proto = self["x-forwarded-proto"] if host_port = self["x-forwarded-host"] + host_port = host_port.split(",", 2).first @forwarded_host, tmp = host_port.split(":", 2) @forwarded_port = (tmp || (@forwarded_proto == "https" ? 443 : 80)).to_i end diff --git a/test/webrick/test_httprequest.rb b/test/webrick/test_httprequest.rb index 4a1db38bca..a662da348c 100644 --- a/test/webrick/test_httprequest.rb +++ b/test/webrick/test_httprequest.rb @@ -303,6 +303,28 @@ class TestWEBrickHTTPRequest < Test::Unit::TestCase assert_equal(443, req.port) assert_equal("234.234.234.234", req.remote_ip) assert(req.ssl?) + + msg = <<-_end_of_message_ + GET /foo HTTP/1.1 + Host: localhost:10080 + Client-IP: 234.234.234.234 + X-Forwarded-Proto: https + X-Forwarded-For: 192.168.1.10 + X-Forwarded-Host: forward1.example.com:1234, forward2.example.com:5678 + X-Forwarded-Server: server1.example.com, server2.example.com + X-Requested-With: XMLHttpRequest + Connection: Keep-Alive + + _end_of_message_ + msg.gsub!(/^ {6}/, "") + req = WEBrick::HTTPRequest.new(WEBrick::Config::HTTP) + req.parse(StringIO.new(msg)) + assert_equal("server1.example.com", req.server_name) + assert_equal("https://forward1.example.com:1234/foo", req.request_uri.to_s) + assert_equal("forward1.example.com", req.host) + assert_equal(1234, req.port) + assert_equal("234.234.234.234", req.remote_ip) + assert(req.ssl?) end def test_bad_messages @@ -1,13 +1,13 @@ #define RUBY_VERSION "1.9.2" -#define RUBY_PATCHLEVEL 290 +#define RUBY_PATCHLEVEL 291 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 9 #define RUBY_VERSION_TEENY 1 #define RUBY_RELEASE_YEAR 2011 -#define RUBY_RELEASE_MONTH 7 -#define RUBY_RELEASE_DAY 9 -#define RUBY_RELEASE_DATE "2011-07-09" +#define RUBY_RELEASE_MONTH 8 +#define RUBY_RELEASE_DAY 7 +#define RUBY_RELEASE_DATE "2011-08-07" #include "ruby/version.h" |