Skip to content

Commit cc296c5

Browse files
committed
Polishing contribution
Closes gh-30137
1 parent a1c4fb3 commit cc296c5

File tree

2 files changed

+25
-12
lines changed

2 files changed

+25
-12
lines changed

spring-web/src/main/java/org/springframework/web/server/adapter/ForwardedHeaderTransformer.java

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818

1919
import java.net.InetSocketAddress;
2020
import java.net.URI;
21+
import java.net.URISyntaxException;
2122
import java.util.Collections;
2223
import java.util.Locale;
2324
import java.util.Set;
@@ -30,6 +31,7 @@
3031
import org.springframework.util.LinkedCaseInsensitiveMap;
3132
import org.springframework.util.StringUtils;
3233
import org.springframework.web.util.ForwardedHeaderUtils;
34+
import org.springframework.web.util.UriComponents;
3335

3436
/**
3537
* Extract values from "Forwarded" and "X-Forwarded-*" headers to override
@@ -102,7 +104,7 @@ public ServerHttpRequest apply(ServerHttpRequest request) {
102104
if (!this.removeOnly) {
103105
URI originalUri = request.getURI();
104106
HttpHeaders headers = request.getHeaders();
105-
URI uri = ForwardedHeaderUtils.adaptFromForwardedHeaders(originalUri, headers).build(true).toUri();
107+
URI uri = adaptFromForwardedHeaders(originalUri, headers);
106108
builder.uri(uri);
107109
String prefix = getForwardedPrefix(request);
108110
if (prefix != null) {
@@ -121,6 +123,17 @@ public ServerHttpRequest apply(ServerHttpRequest request) {
121123
return request;
122124
}
123125

126+
private static URI adaptFromForwardedHeaders(URI uri, HttpHeaders headers) {
127+
// GH-30137: assume URI is encoded, but avoid build(true) for more lenient handling
128+
UriComponents components = ForwardedHeaderUtils.adaptFromForwardedHeaders(uri, headers).build();
129+
try {
130+
return new URI(components.toUriString());
131+
}
132+
catch (URISyntaxException ex) {
133+
throw new IllegalStateException("Could not create URI object: " + ex.getMessage(), ex);
134+
}
135+
}
136+
124137
/**
125138
* Whether the request has any Forwarded headers.
126139
* @param request the request

spring-web/src/test/java/org/springframework/web/server/adapter/ForwardedHeaderTransformerTests.java

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/*
2-
* Copyright 2002-2022 the original author or authors.
2+
* Copyright 2002-202 the original author or authors.
33
*
44
* Licensed under the Apache License, Version 2.0 (the "License");
55
* you may not use this file except in compliance with the License.
@@ -57,7 +57,7 @@ void removeOnly() {
5757
}
5858

5959
@Test
60-
void xForwardedHeaders() throws Exception {
60+
void xForwardedHeaders() {
6161
HttpHeaders headers = new HttpHeaders();
6262
headers.add("X-Forwarded-Host", "84.198.58.199");
6363
headers.add("X-Forwarded-Port", "443");
@@ -70,7 +70,7 @@ void xForwardedHeaders() throws Exception {
7070
}
7171

7272
@Test
73-
void forwardedHeader() throws Exception {
73+
void forwardedHeader() {
7474
HttpHeaders headers = new HttpHeaders();
7575
headers.add("Forwarded", "host=84.198.58.199;proto=https");
7676
ServerHttpRequest request = this.requestMutator.apply(getRequest(headers));
@@ -80,7 +80,7 @@ void forwardedHeader() throws Exception {
8080
}
8181

8282
@Test
83-
void xForwardedPrefix() throws Exception {
83+
void xForwardedPrefix() {
8484
HttpHeaders headers = new HttpHeaders();
8585
headers.add("X-Forwarded-Prefix", "/prefix");
8686
ServerHttpRequest request = this.requestMutator.apply(getRequest(headers));
@@ -91,7 +91,7 @@ void xForwardedPrefix() throws Exception {
9191
}
9292

9393
@Test // gh-23305
94-
void xForwardedPrefixShouldNotLeadToDecodedPath() throws Exception {
94+
void xForwardedPrefixShouldNotLeadToDecodedPath() {
9595
HttpHeaders headers = new HttpHeaders();
9696
headers.add("X-Forwarded-Prefix", "/prefix");
9797
ServerHttpRequest request = MockServerHttpRequest
@@ -107,7 +107,7 @@ void xForwardedPrefixShouldNotLeadToDecodedPath() throws Exception {
107107
}
108108

109109
@Test
110-
void xForwardedPrefixTrailingSlash() throws Exception {
110+
void xForwardedPrefixTrailingSlash() {
111111
HttpHeaders headers = new HttpHeaders();
112112
headers.add("X-Forwarded-Prefix", "/prefix////");
113113
ServerHttpRequest request = this.requestMutator.apply(getRequest(headers));
@@ -118,7 +118,7 @@ void xForwardedPrefixTrailingSlash() throws Exception {
118118
}
119119

120120
@Test // SPR-17525
121-
void shouldNotDoubleEncode() throws Exception {
121+
void shouldNotDoubleEncode() {
122122
HttpHeaders headers = new HttpHeaders();
123123
headers.add("Forwarded", "host=84.198.58.199;proto=https");
124124

@@ -133,8 +133,8 @@ void shouldNotDoubleEncode() throws Exception {
133133
assertForwardedHeadersRemoved(request);
134134
}
135135

136-
@Test
137-
void shouldHandleUnencodedUri() throws Exception {
136+
@Test // gh-30137
137+
void shouldHandleUnencodedUri() {
138138
HttpHeaders headers = new HttpHeaders();
139139
headers.add("Forwarded", "host=84.198.58.199;proto=https");
140140
ServerHttpRequest request = MockServerHttpRequest
@@ -149,7 +149,7 @@ void shouldHandleUnencodedUri() throws Exception {
149149
}
150150

151151
@Test
152-
void shouldConcatenatePrefixes() throws Exception {
152+
void shouldConcatenatePrefixes() {
153153
HttpHeaders headers = new HttpHeaders();
154154
headers.add("X-Forwarded-Prefix", "/first,/second");
155155
ServerHttpRequest request = this.requestMutator.apply(getRequest(headers));
@@ -160,7 +160,7 @@ void shouldConcatenatePrefixes() throws Exception {
160160
}
161161

162162
@Test
163-
void shouldConcatenatePrefixesWithTrailingSlashes() throws Exception {
163+
void shouldConcatenatePrefixesWithTrailingSlashes() {
164164
HttpHeaders headers = new HttpHeaders();
165165
headers.add("X-Forwarded-Prefix", "/first/,/second//");
166166
ServerHttpRequest request = this.requestMutator.apply(getRequest(headers));

0 commit comments

Comments
 (0)