Silvio, I'll respond more in Uwe's issue. Please post your details there to help the triage.
cheers On Sun, 13 Aug 2023 at 05:19, Uwe Schindler via jetty-users < jetty-users@eclipse.org> wrote: > I opened: https://github.com/eclipse/jetty.project/issues/10304 > Am 12.08.2023 um 19:30 schrieb Uwe Schindler via jetty-users: > > I have seen the same after upgrading my project to Java 12. The problem is > that all Customizers are not able to correctly set the port number. > > This is a blocker issue, because it makes it impossible to setup this > common setup: > > - NGINX as user facing web server with HTTPS enabled > - NGINX forwarding the requests to jetty listen only on localhost with > some arbitrary port number (in my case 8081). NGINX sets the following > headers: X-Forwarded-For, X-Forwarded-Proto, original "Host" header as sent > by client (no rewriting) > - Jetty with: http_config.addCustomizer(new > ForwardedRequestCustomizer()); > - Jetty 10 works fine it reads the clien't IP address and all other > information from X-Forwarded-For, the scheme is read from > X-Forwarded-Proto, and host header is coming from "Host" header. It also > extracts the port number from the host. > - Jetty 12 is setup in same way, it successfully extracts the client's > IP address and also it returns secure=true and uses "https://"; for > javax.servlet.HttServletRequest#getRequestURL(). But it always adds its own > private port number. I also tried to use setForcedHost("xyz:443") to make > sure it sees a port number. It still constructs all URLs with port number > 8081 where it listens on. > > I will open a bug report. From my experience the "customize()" method in > the RequestCustomizer does everything right also also returns the port > number, but the javax.servlet API seems to still use the port number used > by the connector's channel. > > I reverted back to Jetty 10. This won't work here. If you have any > suggestion to get the port corrcet, tell me, everything like subclassing > and implementing my own cutsomizer did not work. I was not able to debug > through everything and figure out where the listener port gets injected > again. > > I can say: With current status Jetty 12 is unuseable with the common proxy > setup using ForwardedRequestCustomizer as it tried to always inject its own > hidden/private port number instead of the default for the port as > negotiated by client/proxy with the Host header. > > -- > Uwe schindleruschind...@apache.org > ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr > Bremen, Germanyhttps://lucene.apache.org/https://solr.apache.org/ > > _______________________________________________ > jetty-users mailing list > jetty-users@eclipse.org > To unsubscribe from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users > -- Greg Wilkins <gr...@webtide.com> CTO http://webtide.com
_______________________________________________ jetty-users mailing list jetty-users@eclipse.org To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
