No X-Forwarded-For support fix #1634

Author: jknack

docs/asciidoc/handlers.adoc

@@ -10,6 +10,8 @@ include::handlers/csrf.adoc[]
 
 include::handlers/head.adoc[]
 
+include::handlers/proxy-peer-address.adoc[]
+
 include::handlers/rate-limit.adoc[]
 
 include::handlers/ssl.adoc[]

docs/asciidoc/handlers/access-log.adoc

@@ -54,3 +54,8 @@ Extra request or response headers can be appended at the end using the available
 - javadoc:AccessLogHandler[requestHeader, java.lang.String...]
 - javadoc:AccessLogHandler[responseHeader, java.lang.String...]
 
+[TIP]
+====
+If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
+please consider to add the <<handlers-proxypeeraddresshandler, ProxyPeerAddressHandler>> to your pipeline.
+====

docs/asciidoc/handlers/proxy-peer-address.adoc

@@ -0,0 +1,54 @@
+=== ProxyPeerAddressHandler
+
+The javadoc:ProxyPeerAddressHandler[] handles `X-Forwarded-*` headers by updating the values on the 
+current context to match what was sent in the header(s).
+
+This should only be installed behind a reverse proxy that has been configured to send the
+`X-Forwarded-*` header, otherwise a remote user can spoof their address by sending a header with
+bogus values.
+
+.Usage
+[source, java, role = "primary"]
+----
+import io.jooby.Jooby;
+import io.jooby.ProxyPeerAddressHandler;
+...
+{
+  
+  decorator(new ProxyPeerAddressHandler());           <1>
+
+  get("/", ctx -> {
+    String remoteAddress = ctx.getRemoteAddress();    <2>
+    String scheme = ctx.getScheme();                  <3>
+    String host = ctx.getHost();                      <4>
+    int port = ctx.getPort();                         <5>
+    ...
+  });
+}
+----
+
+.Kotlin
+[source, kotlin, role = "secondary"]
+----
+import io.jooby.Jooby
+import io.jooby.ProxyPeerAddressHandler
+...
+{
+  decorator(ProxyPeerAddressHandler())                <1>
+  
+  get("/") {
+    val remoteAddress = ctx.remoteAddress             <2>
+    val scheme = ctx.scheme                           <3>
+    val host = ctx.host                               <4>
+    val port = ctx.port                               <5>
+    ...
+  }
+}
+----
+
+<1> Install ProxyPeerAddressHandler
+<2> Set `remote address` from `X-Forwarded-For`
+<3> Set `scheme` from `X-Forwarded-Proto`
+<4> Set `host` from `X-Forwarded-Host`
+<5> Set `port` from `X-Forwarded-Host` or `X-Forwarded-Port`
+

docs/asciidoc/handlers/ssl.adoc

@@ -12,7 +12,7 @@ import io.jooby.SSLHandler;
   
   setServerOptions(new ServerOptions().setSecurePort(8443));
 
-  before(new SSLHandler(false)); <1>
+  before(new SSLHandler()); <1>
   
   get("/", ctx -> {
     return ctx.getScheme();
@@ -31,7 +31,7 @@ import io.jooby.SSHandler
     securePort = 8443
   }
 
-  before(SSLHandler(false))      <1>
+  before(SSLHandler())      <1>
   
   get("/") {
     ...
@@ -42,7 +42,8 @@ import io.jooby.SSHandler
 <1> Install SSLHandler
 
 The SSL Handler recreates the HTTPs URL version using the `Host` header, if you are behind a proxy
-you will need to use the `X-Forwarded-Host` header. To do that just pass `true` to the SSLHandler.
+you will need to use the `X-Forwarded-Host` header. To do that install the 
+<<handlers-proxypeeraddresshandler, ProxyPeerAddressHandler>> into your pipeline.
 
 Optionally, you can specify the host to use:
 
@@ -84,3 +85,9 @@ import io.jooby.SSHandler
 ----
 
 For more information about SSL, please check the <<server-ssl, configure SSL>> section.
+
+[TIP]
+====
+If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
+please consider to add the link:proxy-peer-address.adoc[] to your pipeline.
+====

jooby/src/main/java/io/jooby/AccessLogHandler.java

@@ -28,6 +28,10 @@
  * <a href="https://en.wikipedia.org/wiki/Common_Log_Format">NCSA format</a> (a.k.a common log
  * format).
  * </p>
+ *
+ * If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
+ * please consider to add {@link ProxyPeerAddressHandler} to your pipeline.
+ *
  * <h2>usage</h2>
  *
  * <pre>{@code

jooby/src/main/java/io/jooby/Context.java

@@ -452,13 +452,19 @@ public interface Context extends Registry {
   /**
    * Recreates full/entire request url using the <code>Host</code> header.
    *
+   * If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
+   * please consider to add {@link ProxyPeerAddressHandler} to your pipeline.
+   *
    * @return Full/entire request url using the <code>Host</code> header.
    */
   @Nonnull String getRequestURL();
 
   /**
    * Recreates full/entire request url using the <code>Host</code> header.
    *
+   * If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
+   * please consider to add {@link ProxyPeerAddressHandler} to your pipeline.
+   *
    * @param path Path to use.
    * @return Full/entire request url using the <code>Host</code> header.
    */
@@ -471,7 +477,9 @@ public interface Context extends Registry {
    * @param useProxy True to trust/use the <code>X-Forwarded-Host</code>.
    * @return Full/entire request url using the <code>X-Forwarded-Host</code> when present
    *     or fallback to <code>Host</code> header when missing.
+   * @deprecated Use {@link ProxyPeerAddressHandler}.
    */
+  @Deprecated
   @Nonnull String getRequestURL(boolean useProxy);
 
   /**
@@ -482,44 +490,95 @@ public interface Context extends Registry {
    * @param useProxy True to trust/use the <code>X-Forwarded-Host</code>.
    * @return Full/entire request url using the <code>X-Forwarded-Host</code> when present
    *     or fallback to <code>Host</code> header when missing.
+   * @deprecated Use {@link ProxyPeerAddressHandler}.
    */
+  @Deprecated
   @Nonnull String getRequestURL(@Nonnull String path, boolean useProxy);
 
   /**
    * The IP address of the client or last proxy that sent the request.
    *
+   * If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
+   * please consider to add {@link ProxyPeerAddressHandler} to your pipeline.
+   *
    * @return The IP address of the client or last proxy that sent the request.
    */
   @Nonnull String getRemoteAddress();
 
+  /**
+   * Set IP address of client or last proxy that sent the request.
+   *
+   * @param remoteAddress Remote Address.
+   * @return This context.
+   */
+  @Nonnull Context setRemoteAddress(@Nonnull String remoteAddress);
+
   /**
    * Return the host that this request was sent to, in general this will be the
-   * value of the Host header, minus the port specifier.
+   * value of the Host header, minus the port specifier. Unless, it is set manually using the
+   * {@link #setHost(String)} method.
+   *
+   * If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
+   * please consider to add {@link ProxyPeerAddressHandler} to your pipeline.
    *
    * @return Return the host that this request was sent to, in general this will be the
    *     value of the Host header, minus the port specifier.
    */
   @Nonnull String getHost();
 
+  /**
+   * Set the host (without the port value).
+   *
+   * Please keep in mind this method doesn't alter/modify the <code>host</code> header.
+   *
+   * @param host Host value.
+   * @return This context.
+   */
+  @Nonnull Context setHost(@Nonnull String host);
+
+  /**
+   * Return the host and port that this request was sent to, in general this will be the
+   * value of the Host.
+   *
+   * If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
+   * please consider to add {@link ProxyPeerAddressHandler} to your pipeline.
+   *
+   * @return Return the host that this request was sent to, in general this will be the
+   *     value of the Host header.
+   */
+  @Nonnull String getHostAndPort();
+
   /**
    * Return the host and port that this request was sent to, in general this will be the
    * value of the Host or X-Forwarded-Host header.
    *
    * @param useProxy When true this method looks for host data in the X-Forwarded-Host header.
    * @return Return the host that this request was sent to, in general this will be the
    *     value of the Host header.
+   * @deprecated Use {@link ProxyPeerAddressHandler}.
    */
-  @Nullable String getHostAndPort(boolean useProxy);
+  @Deprecated
+  @Nonnull String getHostAndPort(boolean useProxy);
 
   /**
    * Return the port that this request was sent to. In general this will be the value of the Host
    * header, minus the host name.
    *
-   * @return Return the port that this request was sent to. In general this will be the value of the Host
-   *     header, minus the host name.
+   * If no host header is present, this method returns the value of {@link #getServerPort()}.
+   *
+   * @return Return the port that this request was sent to. In general this will be the value of
+   *    the Host header, minus the host name.
    */
   int getPort();
 
+  /**
+   * Set port this request was sent to.
+   *
+   * @param port Port.
+   * @return This context.
+   */
+  @Nonnull Context setPort(int port);
+
   /**
    * The name of the protocol the request. Always in lower-case.
    *
@@ -557,6 +616,14 @@ public interface Context extends Registry {
    */
   @Nonnull String getScheme();
 
+  /**
+   * Set HTTP scheme in lower case.
+   *
+   * @param scheme HTTP scheme in lower case.
+   * @return This context.
+   */
+  @Nonnull Context setScheme(@Nonnull String scheme);
+
   /* **********************************************************************************************
    * Form API
    * **********************************************************************************************

jooby/src/main/java/io/jooby/DefaultContext.java

@@ -232,30 +232,16 @@ public interface DefaultContext extends Context {
   }
 
   @Override default @Nonnull String getRequestURL(@Nonnull String path, boolean useProxy) {
-    String scheme, hostAndPort;
-    if (useProxy && !header("X-Forwarded-Host").isMissing()) {
-      scheme = header("X-Forwarded-Proto").value(getScheme());
-      hostAndPort = getHostAndPort(true);
-    } else {
-      scheme = getScheme();
-      hostAndPort = getHostAndPort(false);
-    }
-    String host, port;
-    int i = hostAndPort.lastIndexOf(':');
-    if (i > 0) {
-      host = hostAndPort.substring(0, i).trim();
-      port = hostAndPort.substring(i + 1).trim();
-    } else {
-      host = hostAndPort;
-      port = "";
-    }
+    String scheme = getScheme();
+    String host = getHost();
+    int port = getPort();
     StringBuilder url = new StringBuilder();
     url.append(scheme).append("://").append(host);
-    if (port.length() > 0 && !port.equals("80") && !port.equals("443")) {
+    if (port > 0 && port != PORT && port != SECURE_PORT) {
       url.append(":").append(port);
     }
     if (path == null || path.length() == 0) {
-      url.append(pathString());
+      url.append(getRequestPath());
     } else {
       String contextPath = getContextPath();
       if (contextPath.equals("/")) {
@@ -287,6 +273,10 @@ public interface DefaultContext extends Context {
     return contentLength.isMissing() ? -1 : contentLength.longValue();
   }
 
+  @Override default @Nullable String getHostAndPort() {
+    return getHostAndPort(false);
+  }
+
   @Override default @Nullable String getHostAndPort(boolean useProxy) {
     return header(useProxy ? "X-Forwarded-Host" : "Host").toOptional()
         .map(value -> {
@@ -311,7 +301,7 @@ public interface DefaultContext extends Context {
   }
 
   @Override default int getPort() {
-    String hostAndPort = getHostAndPort(false);
+    String hostAndPort = getHostAndPort();
     if (hostAndPort != null) {
       int index = hostAndPort.indexOf(':');
       if (index > 0) {
@@ -323,7 +313,7 @@ public interface DefaultContext extends Context {
   }
 
   @Override default @Nonnull String getHost() {
-    String hostAndPort = getHostAndPort(false);
+    String hostAndPort = getHostAndPort();
     if (hostAndPort != null) {
       int index = hostAndPort.indexOf(':');
       return index > 0 ? hostAndPort.substring(0, index).trim() : hostAndPort;

jooby/src/main/java/io/jooby/ForwardingContext.java

@@ -219,10 +219,20 @@ public ForwardingContext(@Nonnull Context context) {
     return ctx.getRemoteAddress();
   }
 
+  @Nonnull @Override public Context setRemoteAddress(@Nonnull String remoteAddress) {
+    ctx.setRemoteAddress(remoteAddress);
+    return this;
+  }
+
   @Nonnull @Override public String getHost() {
     return ctx.getHost();
   }
 
+  @Nonnull @Override public Context setHost(@Nonnull String host) {
+    ctx.setHost(host);
+    return this;
+  }
+
   @Override public int getServerPort() {
     return ctx.getServerPort();
   }
@@ -235,6 +245,15 @@ public ForwardingContext(@Nonnull Context context) {
     return ctx.getPort();
   }
 
+  @Nonnull @Override public Context setPort(int port) {
+    this.ctx.setPort(port);
+    return this;
+  }
+
+  @Nonnull @Override public String getHostAndPort() {
+    return ctx.getHostAndPort();
+  }
+
   @Nullable @Override public String getHostAndPort(boolean useProxy) {
     return ctx.getHostAndPort(useProxy);
   }
@@ -263,6 +282,11 @@ public ForwardingContext(@Nonnull Context context) {
     return ctx.getScheme();
   }
 
+  @Nonnull @Override public Context setScheme(@Nonnull String scheme) {
+    this.ctx.setScheme(scheme);
+    return this;
+  }
+
   @Override @Nonnull public Formdata form() {
     return ctx.form();
   }