Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistent handling of X-Forwarded-Prefix in servlet and reactive stack #33465

Closed
krezovic opened this issue Sep 2, 2024 · 3 comments
Closed

Inconsistent handling of X-Forwarded-Prefix in servlet and reactive stack #33465

krezovic opened this issue Sep 2, 2024 · 3 comments
Assignees
@sdeleuze
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) type: bug A general bug
Milestone
6.1.13

Comments

@krezovic
Copy link

krezovic commented Sep 2, 2024

Affects: 6.1

I have stumbled upon hard-to-debug issue which affects the reactive stack (webflux) but works fine in servlet stack (webmvc)

The spring-cloud-gateway had sent the X-Forwarded-Prefix = '/myapp,/' header due to multiple "rewrite" usages.

Now, with server.forward-headers-strategy=framework everything works fine in servlet stack.

However, in reactive stack, it fails with

2024-09-02T16:21:11.153+02:00 DEBUG 12844 --- [o-auto-1-exec-1] o.s.w.s.adapter.HttpWebHandlerAdapter    : Failed to apply forwarded headers to HTTP GET "/test"

java.lang.IllegalArgumentException: Invalid contextPath: '/forwardedprefix/': must start with '/' and not end with '/'
        at org.springframework.http.server.DefaultRequestPath.validateContextPath(DefaultRequestPath.java:77) ~[spring-web-6.1.12.jar:6.1.12]
        at org.springframework.http.server.DefaultRequestPath.initContextPath(DefaultRequestPath.java:56) ~[spring-web-6.1.12.jar:6.1.12]
        at org.springframework.http.server.DefaultRequestPath.<init>(DefaultRequestPath.java:41) ~[spring-web-6.1.12.jar:6.1.12]
        at org.springframework.http.server.RequestPath.parse(RequestPath.java:79) ~[spring-web-6.1.12.jar:6.1.12]
        at org.springframework.http.server.RequestPath.parse(RequestPath.java:68) ~[spring-web-6.1.12.jar:6.1.12]
        at org.springframework.http.server.reactive.AbstractServerHttpRequest.<init>(AbstractServerHttpRequest.java:89) ~[spring-web-6.1.12.jar:6.1.12]
        at org.springframework.http.server.reactive.DefaultServerHttpRequestBuilder$MutatedServerHttpRequest.<init>(DefaultServerHttpRequestBuilder.java:195) ~[spring-web-6.1.12.jar:6.1.12]
        at org.springframework.http.server.reactive.DefaultServerHttpRequestBuilder.build(DefaultServerHttpRequestBuilder.java:135) ~[spring-web-6.1.12.jar:6.1.12]

I'd appreciate if this was unified across both servlet and reactive stacks. It took quite a while to debug this as we kept receiving error 400 and no @ControllerAdvice @ExceptionHandler was being called.

Reproducer:

https://github.com/krezovic/spring-forwardedprefix

Simply run ./mvnw test
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged or decided on label Sep 2, 2024
@sdeleuze sdeleuze self-assigned this Sep 3, 2024
@sdeleuze sdeleuze added in: web Issues in web modules (web, webmvc, webflux, websocket) type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged or decided on labels Sep 3, 2024
@sdeleuze sdeleuze added this to the 6.1.13 milestone Sep 4, 2024
@sdeleuze
Copy link
Contributor

sdeleuze commented Sep 4, 2024

Looks like a off-by-one error in ForwardedHeaderTransformer#getForwardedPrefix.

@quaff
Copy link
Contributor

quaff commented Sep 5, 2024

May I ask why not /myapp but /myapp,/ ?

@krezovic
Copy link
Author

krezovic commented Sep 5, 2024
edited
Loading

It was a misconfiguration;

We tried to implement sub-path based routing, but rather than using spring-cloud-gateway builtin "stripPrefix" filter, we used "rewritePath" twice - and each rewritePath invocation adds a segment to X-Forwarded-Prefix

We did eventually switch to stripPrefix, so it ended up as /myapp ... but that was after several hours of debugging "why the webflux app suddenly fails"

Since it went unnoticed for more than a year on our side, I figured it would be nice to report the issue to save somebody else the trouble.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sdeleuze sdeleuze

Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) type: bug A general bug
Projects
None yet
Milestone
6.1.13
Development

No branches or pull requests
4 participants
@sdeleuze @quaff @spring-projects-issues @krezovic