Package org.eclipse.jetty.server

Class ForwardedRequestCustomizer

  • All Implemented Interfaces:
    HttpConfiguration.Customizer
    @Deprecated(since="2021-05-27")
public class ForwardedRequestCustomizer
extends Object
implements HttpConfiguration.Customizer
    Deprecated.
    The Eclipse Jetty and Apache Felix Http Jetty packages are no longer supported.
    Customize Requests for Proxy Forwarding.

    This customizer looks at at HTTP request for headers that indicate it has been forwarded by one or more proxies. Specifically handled are

    • Forwarded, as defined by rfc7239
    • X-Forwarded-Host
    • X-Forwarded-Server
    • X-Forwarded-For
    • X-Forwarded-Proto
    • X-Proxied-Https

    If these headers are present, then the Request object is updated so that the proxy is not seen as the other end point of the connection on which the request came

    Headers can also be defined so that forwarded SSL Session IDs and Cipher suites may be customised

    The Authority (host and port) is updated on the Request object based on the host / port information in the following search order.

    Request Authority Search Order
    # Value Origin Host Port Protocol Notes
    1 Forwarded Header "host=<host>" param (Required) "host=<host>:<port> param (Implied) "proto=<value>" param (Optional) From left-most relevant parameter (see rfc7239)
    2 X-Forwarded-Host Header Required Implied n/a left-most value
    3 X-Forwarded-Port Header n/a Required n/a left-most value (only if getForwardedPortAsAuthority() is true)
    4 X-Forwarded-Server Header Required Optional n/a left-most value
    5 X-Forwarded-Proto Header n/a Implied from value Required

    left-most value becomes protocol.
    6 X-Proxied-Https Header n/a Implied from value boolean

    left-most value determines protocol and port.
    See Also:
    Wikipedia: X-Forwarded-For, RFC 7239: Forwarded HTTP Extension

    • Constructor Detail

      • ForwardedRequestCustomizer

        public ForwardedRequestCustomizer()
        Deprecated.

    • Method Detail

      • getProxyAsAuthority

        public boolean getProxyAsAuthority()
        Deprecated.
        Returns:
        true if the proxy address obtained via X-Forwarded-Server or RFC7239 "by" is used as the request authority. Default false

      • setProxyAsAuthority

        public void setProxyAsAuthority​(boolean proxyAsAuthority)
        Deprecated.
        Parameters:
        proxyAsAuthority - if true, use the proxy address obtained via X-Forwarded-Server or RFC7239 "by" as the request authority.

      • setForwardedOnly

        public void setForwardedOnly​(boolean rfc7239only)
        Deprecated.
        Parameters:
        rfc7239only - Configure to only support the RFC7239 Forwarded header and to not support any X-Forwarded- headers. This convenience method clears all the non RFC headers if passed true and sets them to the default values (if not already set) if passed false.

      • getForcedHost

        public String getForcedHost()
        Deprecated.

      • getForwardedHeader

        public String getForwardedHeader()
        Deprecated.
        Returns:
        The header name for RFC forwarded (default Forwarded)

      • setForwardedHeader

        public void setForwardedHeader​(String forwardedHeader)
        Deprecated.
        Parameters:
        forwardedHeader - The header name for RFC forwarded (default Forwarded)

      • getForwardedHostHeader

        public String getForwardedHostHeader()
        Deprecated.

      • setForwardedHostHeader

        public void setForwardedHostHeader​(String forwardedHostHeader)
        Deprecated.
        Parameters:
        forwardedHostHeader - The header name for forwarded hosts (default X-Forwarded-Host)

      • getForwardedServerHeader

        public String getForwardedServerHeader()
        Deprecated.
        Returns:
        the header name for forwarded server.

      • setForwardedServerHeader

        public void setForwardedServerHeader​(String forwardedServerHeader)
        Deprecated.
        Parameters:
        forwardedServerHeader - The header name for forwarded server (default X-Forwarded-Server)

      • getForwardedForHeader

        public String getForwardedForHeader()
        Deprecated.
        Returns:
        the forwarded for header

      • setForwardedForHeader

        public void setForwardedForHeader​(String forwardedRemoteAddressHeader)
        Deprecated.
        Parameters:
        forwardedRemoteAddressHeader - The header name for forwarded for (default X-Forwarded-For)

      • getForwardedPortHeader

        public String getForwardedPortHeader()
        Deprecated.

      • setForwardedPortHeader

        public void setForwardedPortHeader​(String forwardedPortHeader)
        Deprecated.
        Parameters:
        forwardedPortHeader - The header name for forwarded hosts (default X-Forwarded-Port)

      • getForwardedPortAsAuthority

        public boolean getForwardedPortAsAuthority()
        Deprecated.
        Returns:
        if true, the X-Forwarded-Port header applies to the authority, else it applies to the remote client address

      • setForwardedPortAsAuthority

        public void setForwardedPortAsAuthority​(boolean forwardedPortAsAuthority)
        Deprecated.
        Set if the X-Forwarded-Port header will be used for Authority
        Parameters:
        forwardedPortAsAuthority - if true, the X-Forwarded-Port header applies to the authority, else it applies to the remote client address

      • getForwardedProtoHeader

        public String getForwardedProtoHeader()
        Deprecated.
        Get the forwardedProtoHeader.
        Returns:
        the forwardedProtoHeader (default X-Forwarded-Proto)

      • setForwardedProtoHeader

        public void setForwardedProtoHeader​(String forwardedProtoHeader)
        Deprecated.
        Set the forwardedProtoHeader.
        Parameters:
        forwardedProtoHeader - the forwardedProtoHeader to set (default X-Forwarded-Proto)

      • getForwardedCipherSuiteHeader

        public String getForwardedCipherSuiteHeader()
        Deprecated.
        Returns:
        The header name holding a forwarded cipher suite (default Proxy-auth-cert)

      • setForwardedCipherSuiteHeader

        public void setForwardedCipherSuiteHeader​(String forwardedCipherSuiteHeader)
        Deprecated.
        Parameters:
        forwardedCipherSuiteHeader - The header name holding a forwarded cipher suite (default Proxy-auth-cert)

      • getForwardedSslSessionIdHeader

        public String getForwardedSslSessionIdHeader()
        Deprecated.
        Returns:
        The header name holding a forwarded SSL Session ID (default Proxy-ssl-id)

      • setForwardedSslSessionIdHeader

        public void setForwardedSslSessionIdHeader​(String forwardedSslSessionIdHeader)
        Deprecated.
        Parameters:
        forwardedSslSessionIdHeader - The header name holding a forwarded SSL Session ID (default Proxy-ssl-id)

      • getForwardedHttpsHeader

        public String getForwardedHttpsHeader()
        Deprecated.
        Returns:
        The header name holding a forwarded Https status indicator (on|off true|false) (default X-Proxied-Https)

      • setForwardedHttpsHeader

        public void setForwardedHttpsHeader​(String forwardedHttpsHeader)
        Deprecated.
        Parameters:
        forwardedHttpsHeader - the header name holding a forwarded Https status indicator(default X-Proxied-Https)

      • isSslIsSecure

        public boolean isSslIsSecure()
        Deprecated.
        Returns:
        true if the presence of an SSL session or certificate header is sufficient to indicate a secure request (default is true)

      • setSslIsSecure

        public void setSslIsSecure​(boolean sslIsSecure)
        Deprecated.
        Parameters:
        sslIsSecure - true if the presence of an SSL session or certificate header is sufficient to indicate a secure request (default is true)