Re: [OT] HttpServletRequest.getRemoteAddr() sometimes returns NULL on Tomcat 9.0.30 and HTTP/2 secure requests

Wed, 05 Feb 2020 09:57:54 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Manuel,

On 2/5/20 12:12 PM, Manuel Dominguez Sarmiento wrote:
> Our filter is not doing anything fancy (and it has always worked 
> correctly before we ran into this bug). In pseudo-code:
> 
> public doFilter(request, response) {
> 
> String ip = request.getRemoteAddr(); boolean isProxy =
> isProxy(ip); if (isProxy) { String unwrappedIP =
> unwrapXForwardedFor(request); chain.doFilter(new 
> MobileProxyHidingServletRequestWrapper(request, unwrappedIP),
> response); } else { chain.doFilter(request, response); } }
> 
> All that MobileProxyHidingServletRequestWrapper is override 
> getRemoteAddr() returning unwrappedIP instead of delegating to the 
> actual request, while unwrapXForwardedFor() does what the name
> suggests, which is processing X-Forwarded-For to obtain the
> originating IP before it hit the detected proxy.

Any reason not to use the valves Tomcat provides to do pretty much
this exact thing?

https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Remote_IP_Val
ve

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl47AfoACgkQHPApP6U8
pFgywBAAxq4KZaxhO/X0EaoA3G3TDKURbDSrA2Hbke0QVgP3tX6QX6MDMEkbqTuv
x4S1xgXeNgWNIE9Dy62t4ciC6VZ21v6Rl4JMTOmtUO0ES+OBNTSYXstA1ZywBoMD
bRXHNjjdPtxAhhqQblfpKter+vn/k/PZ+45GgZSLNMrrJR+1idAafWs7YwpCHxfL
zh+C5C3uHu+bznCiOF/NQQ5d3/0mHyOj5nSpYx2ImSH+rgj0/Ch5w43L4chD1Lqj
aw2sqqC2z4Fzp3R8uNX/uMRV4flck9KILrfOe00BrMGVfPVuDDGa2J4NhSTs0oNx
Pda5j19QAP6wh6vIKH5KVM8fUWcb5KthcT34cxKttFl3gL0EedE40y97PHKxihJ5
BaT9M3MD0Lsh/mtgrSGcxHU1G0Vs5hHw9e9Zm0XqgQeLsuIALnSHcFyQcGBY05sH
9jljk/l+iMIp9xi3fXyCgYHRpCvbwOuT92V4pMYmwLCzvpfIrVspTi+7AxzbipBV
7tTvH4om0PSchj+Gj3ayOkQZsAyDZbJXbV4izxN3p1c8AJT5ZUmJnYqpKNtfAJpW
w/3OxIXoTUq3bbpb6AHrJe36+QU6+/C2WNqLBcevElr6T1oObKfzy1CjoUHxUQCm
wWxrSFac6atc56mVuPYAjs1DZ0sKpvts/ih6AwDF8+0jBzeJX+g=
=5GpE
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to