Example usage for com.google.common.net HttpHeaders X_FORWARDED_PROTO

List of usage examples for com.google.common.net HttpHeaders X_FORWARDED_PROTO

  1. HOME
  2. Java
  3. com.google.common
  4. com.google.common.net.*
  5. HttpHeaders
  6. X_FORWARDED_PROTO

Introduction

In this page you can find the example usage for com.google.common.net HttpHeaders X_FORWARDED_PROTO.

Prototype

String X_FORWARDED_PROTO

To view the source code for com.google.common.net HttpHeaders X_FORWARDED_PROTO.

Click Source Link

Document

The HTTP X-Forwarded-Proto header field name.

Usage

From source file:org.openmrs.module.webservices.rest.web.controller.SwaggerSpecificationController.java

@RequestMapping(method = RequestMethod.GET)
public @ResponseBody String getSwaggerSpecification(HttpServletRequest request) throws Exception {

    String host = request.getHeader(HttpHeaders.HOST);

    String scheme = request.getHeader(HttpHeaders.X_FORWARDED_PROTO);
    if (scheme == null) {
        scheme = request.getScheme();/*from w w w  . ja  v  a2 s . co m*/
    }

    return new SwaggerSpecificationCreator().host(host).basePath(request.getContextPath() + "/ws/rest/v1")
            .scheme(Scheme.forValue(scheme))

            .getJSON();
}

From source file:org.sfs.util.SfsHttpUtil.java

public static String getRemoteServiceUrl(HttpServerRequest httpServerRequest) {
    try {//from  ww w  .j av a2 s. c o m
        URI absoluteRequestURI = new URI(httpServerRequest.absoluteURI());
        MultiMap headers = httpServerRequest.headers();

        String host = getFirstHeader(httpServerRequest, "X-Forwarded-Host");
        String contextRoot = getFirstHeader(httpServerRequest, SfsHttpHeaders.X_CONTEXT_ROOT);
        if (host == null)
            host = getFirstHeader(httpServerRequest, HttpHeaders.HOST);
        if (host == null)
            host = absoluteRequestURI.getHost();
        String proto = headers.get(HttpHeaders.X_FORWARDED_PROTO);
        if (proto == null)
            proto = absoluteRequestURI.getScheme();

        String serviceUrl;
        if (contextRoot != null) {
            serviceUrl = String.format("%s://%s/%s", proto, host, contextRoot);
        } else {
            serviceUrl = String.format("%s://%s", proto, host);
        }
        return serviceUrl;
    } catch (URISyntaxException e) {
        throw new RuntimeException(e);
    }
}

From source file:net.yacy.http.servlets.YaCyDefaultServlet.java

/**
 * Returns the URL base for this peer, determined from request HTTP header "Host" when present. Use this when absolute URL rendering is required, 
 * otherwise relative URLs should be preferred.<br/>
 * Note : this implementation lets the responsibility to any eventual Reverse Proxy to eventually rewrite the rendered absolute URL. Example Apache directive :
 * <code>Substitute "s|http://internal.yacypeer.com:8090/|http://www.example.com/yacy/|in"</code>.
 * From a security point of view this is preferable than eventually relying blindly here on a X-Forwarded-Host HTTP header that can be forged by an attacker.
 * @param header request header.//from  w  w  w  . java 2 s  .  com
 * @param sb Switchboard instance.
 * @return the application context (URL request base) from request header or default configuration. This is
 * either http://hostname:port or https://hostname:sslport
 */
public static String getContext(final RequestHeader header, final Switchboard sb) {
    String protocol = "http";
    String hostAndPort = null;
    if (header != null) {
        hostAndPort = header.get(HeaderFramework.HOST);
        protocol = header.getScheme();
    }

    /* Host and port still null : let's use the default local ones */
    if (hostAndPort == null) {
        if (sb != null) {
            hostAndPort = Domains.LOCALHOST + ":" + sb.getConfigInt("port", 8090);
        } else {
            hostAndPort = Domains.LOCALHOST + ":8090";
        }
    }

    if (header != null) {
        String protocolHeader = header.getScheme();

        /* Let's check this header has a valid value */
        if ("http".equals(protocolHeader) || "https".equals(protocolHeader)) {
            protocol = protocolHeader.toLowerCase();
        } else if (protocolHeader != null && !protocolHeader.isEmpty()) {
            ConcurrentLog.warn("FILEHANDLER", "YaCyDefaultServlet: illegal "
                    + HeaderFramework.X_YACY_REQUEST_SCHEME + " header value : " + protocolHeader);
        }

        /* This peer can also be behind a reverse proxy requested using https, even if the request coming to this YaCy peer is http only
         * Possible scenario (happens for example when YaCy is deployed on Heroku Platform) : User browser -> https://reverseProxy/yacyURL -> http://yacypeer/yacyURL
         * In that case, absolute URLs rendered by this peer (in rss feeds for example) must effectively start with the https scheme */
        protocolHeader = header.get(HttpHeaders.X_FORWARDED_PROTO.toString(), "").toLowerCase();

        /* Here we only allow an upgrade from HTTP to HTTPS, not the reverse (we don't want a forged HTTP header by an eventual attacker to force fallback to HTTP) */
        if ("https".equals(protocolHeader)) {
            protocol = protocolHeader;
        } else if (!protocolHeader.isEmpty()) {
            ConcurrentLog.warn("FILEHANDLER", "YaCyDefaultServlet: illegal "
                    + HttpHeaders.X_FORWARDED_PROTO.toString() + " header value : " + protocolHeader);
        }
    }

    return protocol + "://" + hostAndPort;
}