Skip to content

Commit

Permalink
Handle empty HOST header when processing connection information (#2724)
Browse files Browse the repository at this point in the history
Fixes #2723
  • Loading branch information
violetagg authored Mar 10, 2023
1 parent 85e053d commit 9b23fed
Show file tree
Hide file tree
Showing 2 changed files with 48 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -65,10 +65,12 @@ static ConnectionInfo from(Channel channel, HttpRequest request, boolean secured
String header = request.headers().get(HttpHeaderNames.HOST);
if (header != null) {
hostName = header;
int portIndex = header.charAt(0) == '[' ? header.indexOf(':', header.indexOf(']')) : header.indexOf(':');
if (portIndex != -1) {
hostName = header.substring(0, portIndex);
hostPort = Integer.parseInt(header.substring(portIndex + 1));
if (!header.isEmpty()) {
int portIndex = header.charAt(0) == '[' ? header.indexOf(':', header.indexOf(']')) : header.indexOf(':');
if (portIndex != -1) {
hostName = header.substring(0, portIndex);
hostPort = Integer.parseInt(header.substring(portIndex + 1));
}
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,20 @@ void noHeaders() {
});
}

@Test
void noHeadersEmptyHostHeader() {
testClientRequest(
clientRequestHeaders -> clientRequestHeaders.set(HttpHeaderNames.HOST, ""),
serverRequest -> {
Assertions.assertThat(serverRequest.hostAddress().getHostString())
.containsPattern("^0:0:0:0:0:0:0:1(%\\w*)?|127.0.0.1$");
Assertions.assertThat(serverRequest.hostAddress().getPort()).isEqualTo(this.disposableServer.port());
Assertions.assertThat(serverRequest.hostName()).isEmpty();
int port = serverRequest.scheme().equals("https") ? DEFAULT_HTTPS_PORT : DEFAULT_HTTP_PORT;
Assertions.assertThat(serverRequest.hostPort()).isEqualTo(port);
});
}

@Test
void hostHeaderNoForwardedHeaders() {
testClientRequest(
Expand Down Expand Up @@ -130,6 +144,20 @@ void forwardedHost() {
});
}

@Test
void forwardedHostEmptyHostHeader() {
testClientRequest(
clientRequestHeaders -> clientRequestHeaders.add("Forwarded", "host=192.168.0.1")
.set(HttpHeaderNames.HOST, ""),
serverRequest -> {
Assertions.assertThat(serverRequest.hostAddress().getHostString()).isEqualTo("192.168.0.1");
int port = serverRequest.scheme().equals("https") ? DEFAULT_HTTPS_PORT : DEFAULT_HTTP_PORT;
Assertions.assertThat(serverRequest.hostAddress().getPort()).isEqualTo(port);
Assertions.assertThat(serverRequest.hostName()).isEqualTo("192.168.0.1");
Assertions.assertThat(serverRequest.hostPort()).isEqualTo(port);
});
}

@Test
void forwardedHostIpV6() {
testClientRequest(
Expand Down Expand Up @@ -168,6 +196,20 @@ void xForwardedHost() {
});
}

@Test
void xForwardedHostEmptyHostHeader() {
testClientRequest(
clientRequestHeaders -> clientRequestHeaders.add("X-Forwarded-Host",
"[1abc:2abc:3abc::5ABC:6abc], 192.168.0.1").set(HttpHeaderNames.HOST, ""),
serverRequest -> {
Assertions.assertThat(serverRequest.hostAddress().getHostString()).isEqualTo("1abc:2abc:3abc:0:0:0:5abc:6abc");
int port = serverRequest.scheme().equals("https") ? DEFAULT_HTTPS_PORT : DEFAULT_HTTP_PORT;
Assertions.assertThat(serverRequest.hostAddress().getPort()).isEqualTo(port);
Assertions.assertThat(serverRequest.hostName()).isEqualTo("1abc:2abc:3abc:0:0:0:5abc:6abc");
Assertions.assertThat(serverRequest.hostPort()).isEqualTo(port);
});
}

@Test
void xForwardedHostPortIncluded() {
testClientRequest(
Expand Down

0 comments on commit 9b23fed

Please sign in to comment.