-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Manuel,
On 2/5/20 12:12 PM, Manuel Dominguez Sarmiento wrote: > Our filter is not doing anything fancy (and it has always worked > correctly before we ran into this bug). In pseudo-code: > > public doFilter(request, response) { > > String ip = request.getRemoteAddr(); boolean isProxy = > isProxy(ip); if (isProxy) { String unwrappedIP = > unwrapXForwardedFor(request); chain.doFilter(new > MobileProxyHidingServletRequestWrapper(request, unwrappedIP), > response); } else { chain.doFilter(request, response); } } > > All that MobileProxyHidingServletRequestWrapper is override > getRemoteAddr() returning unwrappedIP instead of delegating to the > actual request, while unwrapXForwardedFor() does what the name > suggests, which is processing X-Forwarded-For to obtain the > originating IP before it hit the detected proxy. Any reason not to use the valves Tomcat provides to do pretty much this exact thing? https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Remote_IP_Val ve - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl47AfoACgkQHPApP6U8 pFgywBAAxq4KZaxhO/X0EaoA3G3TDKURbDSrA2Hbke0QVgP3tX6QX6MDMEkbqTuv x4S1xgXeNgWNIE9Dy62t4ciC6VZ21v6Rl4JMTOmtUO0ES+OBNTSYXstA1ZywBoMD bRXHNjjdPtxAhhqQblfpKter+vn/k/PZ+45GgZSLNMrrJR+1idAafWs7YwpCHxfL zh+C5C3uHu+bznCiOF/NQQ5d3/0mHyOj5nSpYx2ImSH+rgj0/Ch5w43L4chD1Lqj aw2sqqC2z4Fzp3R8uNX/uMRV4flck9KILrfOe00BrMGVfPVuDDGa2J4NhSTs0oNx Pda5j19QAP6wh6vIKH5KVM8fUWcb5KthcT34cxKttFl3gL0EedE40y97PHKxihJ5 BaT9M3MD0Lsh/mtgrSGcxHU1G0Vs5hHw9e9Zm0XqgQeLsuIALnSHcFyQcGBY05sH 9jljk/l+iMIp9xi3fXyCgYHRpCvbwOuT92V4pMYmwLCzvpfIrVspTi+7AxzbipBV 7tTvH4om0PSchj+Gj3ayOkQZsAyDZbJXbV4izxN3p1c8AJT5ZUmJnYqpKNtfAJpW w/3OxIXoTUq3bbpb6AHrJe36+QU6+/C2WNqLBcevElr6T1oObKfzy1CjoUHxUQCm wWxrSFac6atc56mVuPYAjs1DZ0sKpvts/ih6AwDF8+0jBzeJX+g= =5GpE -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org