[cxf] branch master updated: CXF-8682: x-forwarded-proto header causes cxf to not match request to java method (#930)

[reta]

This is an automated email from the ASF dual-hosted git repository.

reta pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git


The following commit(s) were added to refs/heads/master by this push:
     new 9cef39dd7c CXF-8682: x-forwarded-proto header causes cxf to not match 
request to java method (#930)
9cef39dd7c is described below

commit 9cef39dd7cefb44b23a41d618a304e7b4e6cf811
Author: Andriy Redko <drr...@gmail.com>
AuthorDate: Wed Apr 6 08:55:18 2022 -0400

    CXF-8682: x-forwarded-proto header causes cxf to not match request to java 
method (#930)
---
 .../java/org/apache/cxf/jaxrs/utils/HttpUtils.java |  4 +++-
 .../org/apache/cxf/jaxrs/utils/HttpUtilsTest.java  | 27 ++++++++++++++++++++++
 2 files changed, 30 insertions(+), 1 deletion(-)

diff --git 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/HttpUtils.java 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/HttpUtils.java
index aa42382348..54a0a59130 100644
--- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/HttpUtils.java
+++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/HttpUtils.java
@@ -471,7 +471,9 @@ public final class HttpUtils {
             URI uri = new URI(endpointAddress);
             String path = uri.getRawPath();
             String scheme = uri.getScheme();
-            if (scheme != null && !scheme.startsWith(HttpUtils.HTTP_SCHEME)
+            // RFC-3986: the scheme and host are case-insensitive and 
therefore should 
+            // be normalized to lowercase. 
+            if (scheme != null && 
!scheme.toLowerCase().startsWith(HttpUtils.HTTP_SCHEME)
                 && HttpUtils.isHttpRequest(m)) {
                 path = HttpUtils.toAbsoluteUri(path, m).getRawPath();
             }
diff --git 
a/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/HttpUtilsTest.java 
b/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/HttpUtilsTest.java
index ec978eeeb6..7b56065bd0 100644
--- 
a/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/HttpUtilsTest.java
+++ 
b/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/HttpUtilsTest.java
@@ -221,6 +221,33 @@ public class HttpUtilsTest {
         doTestGetBaseAddress("/s", "/s");
     }
 
+    @Test
+    public void testGetBaseAddressHttpUriMixedCase() {
+        final String baseURI = "HTTP://LoCALHoST:8080/STORE";
+        
+        Message m = new MessageImpl();
+        HttpServletRequest req = EasyMock.createMock(HttpServletRequest.class);
+        m.put(AbstractHTTPDestination.HTTP_REQUEST, req);
+        Exchange exchange = new ExchangeImpl();
+        
+        req.getRequestURL();
+        EasyMock.expectLastCall().andReturn(new StringBuffer(baseURI));
+        req.getPathInfo();
+        EasyMock.expectLastCall().andReturn("/STORE");
+        req.getContextPath();
+        EasyMock.expectLastCall().andReturn("/");
+        req.getServletPath();
+        EasyMock.expectLastCall().andReturn("/");
+        EasyMock.replay(req);
+
+        m.setExchange(exchange);
+        Destination dest = EasyMock.createMock(Destination.class);
+        exchange.setDestination(dest);
+        m.put(Message.BASE_PATH, baseURI);
+        String address = HttpUtils.getBaseAddress(m);
+        assertEquals("/STORE", address);
+    }
+
     @Test
     public void testReplaceAnyIPAddress() {
         Message m = new MessageImpl();