summaryrefslogtreecommitdiff
path: root/lib/webrick/httprequest.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/webrick/httprequest.rb')
-rw-r--r--lib/webrick/httprequest.rb10
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
index 5dda878e99..1e8789d2d6 100644
--- a/lib/webrick/httprequest.rb
+++ b/lib/webrick/httprequest.rb
@@ -434,10 +434,18 @@ module WEBrick
^(::ffff:)?(10|172\.(1[6-9]|2[0-9]|3[01])|192\.168)\.
/ixo
+ # It's said that all X-Forwarded-* headers will contain more than one
+ # (comma-separated) value if the original request already contained one of
+ # these headers. Since we could use these values as Host header, we choose
+ # the initial(first) value. (apr_table_mergen() adds new value after the
+ # existing value with ", " prefix)
def setup_forwarded_info
- @forwarded_server = self["x-forwarded-server"]
+ if @forwarded_server = self["x-forwarded-server"]
+ @forwarded_server = @forwarded_server.split(",", 2).first
+ end
@forwarded_proto = self["x-forwarded-proto"]
if host_port = self["x-forwarded-host"]
+ host_port = host_port.split(",", 2).first
@forwarded_host, tmp = host_port.split(":", 2)
@forwarded_port = (tmp || (@forwarded_proto == "https" ? 443 : 80)).to_i
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-05 12:18:23 +0000