Details
-
Bug
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
2.28.09
Description
Background
One of the proxies at the client sets the " X-Forwarded-Proto" header, somehow in capitals : "HTTP".
Current situation
The hst gives a 301 status code with as location the same url as the requested url.
Reproduction
- create a project with the archetype
mvn archetype:generate \ -DarchetypeGroupId=org.onehippo.cms7 \ -DarchetypeArtifactId=hippo-project-archetype \ -DarchetypeVersion=2.00.09 \ -DarchetypeRepository=http://maven.onehippo.com/maven2 - use the default options
- cd to myhippoproject
- mvn clean package
- mvn -Pcargo.run
- go to http://localhost:8080/site
- add news support
- rebuild and run according to instructions
- In another terminal run:
wget -O /dev/null -S --no-proxy --header 'Host: localhost' --header 'X-Forwarded-Proto: HTTP' 'http://localhost:8080/site/'
- observe the redirects:
$ wget -O /dev/null -S --no-proxy --header 'Host: localhost' --header 'X-Forwarded-Proto: HTTP' 'http://localhost:8080/site/' --2015-06-08 15:16:32-- http://localhost:8080/site/ Resolving localhost... ::1, 127.0.0.1 Connecting to localhost|::1|:8080... connected. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Date: Mon, 08 Jun 2015 13:16:32 GMT Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Connecting to localhost|::1|:80... connected. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=95 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=94 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=93 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=92 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=91 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=90 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=89 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=88 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=87 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=86 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=85 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=84 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=83 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=82 Connection: Keep-Alive Location: http://localhost/site/ [following] --2015-06-08 15:16:32-- http://localhost/site/ Reusing existing connection to [localhost]:80. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Date: Mon, 08 Jun 2015 13:16:32 GMT Server: Apache-Coyote/1.1 Location: http://localhost/site/ Content-Length: 0 Keep-Alive: timeout=5, max=81 Connection: Keep-Alive Location: http://localhost/site/ [following] 20 redirections exceeded.
Desired situation
The delivery tier gives a 200 status code and the requested webpage.
- Now observe the expected behaviour:
$ wget -O /dev/null -S --no-proxy --header 'Host: localhost' --header 'X-Forwarded-Proto: http' 'http://localhost:8080/site/' --2015-06-08 15:17:42-- http://localhost:8080/site/ Resolving localhost... ::1, 127.0.0.1 Connecting to localhost|::1|:8080... connected. HTTP request sent, awaiting response... HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Date: Mon, 08 Jun 2015 13:17:43 GMT Length: unspecified [text/html] Saving to: '/dev/null' /dev/null [ <=> ] 1.08K --.-KB/s in 0s 2015-06-08 15:17:43 (66.2 MB/s) - '/dev/null' saved [1111]
Solution
See attached patch. The solution also exists for other headers. The patch only contains a solution for the X-Forwarded-Proto header. Additional work is needed to provide a robust solution that covers all headers.
Remarks
Back/Forward port might be needed.
Attachments
Issue Links
- relates to
-
-
- Closed
-