From cae6d2c4767f10484e0ac047ec13118a99757309 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Dywicki?= Date: Sat, 22 May 2021 01:35:07 +0200 Subject: [PATCH] Solve troubles with chained X-Forwarded headers. X-Forwarded-Proto can be a list ie. https, http when two proxy servers are used. This patch makes sure that generated response uses first host/values. --- .../core/io/rest/core/internal/item/ItemResource.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/bundles/org.opensmarthouse.core.io.rest.item/src/main/java/org/openhab/core/io/rest/core/internal/item/ItemResource.java b/bundles/org.opensmarthouse.core.io.rest.item/src/main/java/org/openhab/core/io/rest/core/internal/item/ItemResource.java index 5aeee8b42..1a93d27a0 100755 --- a/bundles/org.opensmarthouse.core.io.rest.item/src/main/java/org/openhab/core/io/rest/core/internal/item/ItemResource.java +++ b/bundles/org.opensmarthouse.core.io.rest.item/src/main/java/org/openhab/core/io/rest/core/internal/item/ItemResource.java @@ -149,13 +149,21 @@ public class ItemResource implements RESTResource { */ private static void respectForwarded(final UriBuilder uriBuilder, final @Context HttpHeaders httpHeaders) { Optional.ofNullable(httpHeaders.getHeaderString("X-Forwarded-Host")).ifPresent(host -> { + if (host.contains(",")) { + host = host.split(",")[0]; + } final String[] parts = host.split(":"); uriBuilder.host(parts[0]); if (parts.length > 1) { uriBuilder.port(Integer.parseInt(parts[1])); } }); - Optional.ofNullable(httpHeaders.getHeaderString("X-Forwarded-Proto")).ifPresent(uriBuilder::scheme); + Optional.ofNullable(httpHeaders.getHeaderString("X-Forwarded-Proto")).map(scheme -> { + if (scheme.contains(",")) { + return scheme.split(",")[0]; + } + return scheme; + }).ifPresent(uriBuilder::scheme); } private final Logger logger = LoggerFactory.getLogger(ItemResource.class);