Author: lindner
Date: Thu Oct 15 20:41:31 2009
New Revision: 825645
URL: http://svn.apache.org/viewvc?rev=825645&view=rev
Log:
SHINDIG-100 | Add common proxy headers to help reduce abuse
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java?rev=825645&r1=825644&r2=825645&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
Thu Oct 15 20:41:31 2009
@@ -172,6 +172,8 @@
req.setSecurityToken(extractAndValidateToken(request));
req.setOAuthArguments(new OAuthArguments(auth, request));
}
+
+ this.setRequestHeaders(request, req);
return req;
}
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java?rev=825645&r1=825644&r2=825645&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
Thu Oct 15 20:41:31 2009
@@ -20,12 +20,14 @@
import com.google.common.collect.ImmutableSet;
+import org.apache.commons.lang.StringUtils;
import org.apache.shindig.common.servlet.HttpUtil;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.common.util.Utf8UrlCoder;
import org.apache.shindig.config.ContainerConfig;
import org.apache.shindig.gadgets.GadgetException;
+import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.http.HttpResponse;
import java.io.IOException;
@@ -140,6 +142,19 @@
}
}
+ protected void setRequestHeaders(HttpServletRequest servletRequest,
HttpRequest req) {
+ String xff = servletRequest.getHeader("X-Forwarded-For");
+ String remoteAddr = servletRequest.getRemoteAddr();
+ if (!StringUtils.isEmpty(remoteAddr)) {
+ if (StringUtils.isEmpty(xff)) {
+ xff = servletRequest.getRemoteAddr();
+ } else {
+ xff = servletRequest.getRemoteAddr() + ", " + xff;
+ }
+ req.setHeader("X-Forwarded-For", xff);
+ }
+ }
+
/**
* Processes the given request.
*/
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java?rev=825645&r1=825644&r2=825645&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
Thu Oct 15 20:41:31 2009
@@ -104,7 +104,7 @@
// Ignore
}
}
-
+ this.setRequestHeaders(request, req);
return req;
}
Modified:
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java?rev=825645&r1=825644&r2=825645&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyHandlerTest.java
Thu Oct 15 20:41:31 2009
@@ -165,10 +165,32 @@
verify();
}
+ public void testXForwardedFor() throws Exception {
+ String url = "http://example.org/";;
+ String domain = "example.org";
+
+
expect(lockedDomainService.isSafeForOpenProxy(domain)).andReturn(true).atLeastOnce();
+ expect(request.getRemoteAddr()).andReturn("127.0.0.1").atLeastOnce();
+ setupProxyRequestMock(domain, url);
+
+ HttpRequest req = new HttpRequest(Uri.parse(url));
+ req.setHeader("X-Forwarded-For","127.0.0.1");
+
+ HttpResponse resp = new HttpResponse("Hello");
+
+ expect(pipeline.execute(req)).andReturn(resp);
+
+ replay();
+
+ proxyHandler.fetch(request, recorder);
+
+ verify();
+ }
+
private void expectMime(String expectedMime, String contentMime, String
outputMime)
throws Exception {
String url = "http://example.org/file.img?"; +
ProxyHandler.REWRITE_MIME_TYPE_PARAM +
- "=" + expectedMime;
+ '=' + expectedMime;
String domain = "example.org";
expect(lockedDomainService.isSafeForOpenProxy(domain)).andReturn(true).atLeastOnce();
