Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Compute forwarded: header correctly when HTTP2 is enabled #3106

Open
sandipchitale opened this issue Oct 18, 2023 · 1 comment
Open

Compute forwarded: header correctly when HTTP2 is enabled #3106

sandipchitale opened this issue Oct 18, 2023 · 1 comment
Labels
enhancement help wanted

Comments

@sandipchitale
Copy link

sandipchitale commented Oct 18, 2023
edited
Loading

Is your feature request related to a problem? Please describe.
It is possible to enable HTTP2 support in Spring Boot application like so:

server.http2.enabled=true

with this enabled and with embedded Tomcat running in HTTPS mode (at port 8443), the browsers (like Chrome) use the HTTP2 (shown as h2 in protocol column of Chrome devtools network panel), and due to the specs related to HTTP2 do not send the Host: localhost:8443 header. Instead the browsers send :authority: localhost:8443.

The code here:

spring-cloud-gateway/spring-cloud-gateway-mvc/src/main/java/org/springframework/cloud/gateway/mvc/ProxyExchange.java

Line 418 in 51367a8

if (StringUtils.hasText(hostHeader)) {

relies on the Host: header and if not found uses the host and scheme from URI. The port is not set at all.

However there is code in Tomcat that does process the :authority: header and sets the values of req.getServerName() and req.getServerPort().

Describe the solution you'd like
The computation of forwarded: header should make use of values of req.getServerName() and req.getServerPort() because they are set from :authority: header, which is equivalent of Host: when HTTP2 is being used.

Describe alternatives you've considered
None.

Additional context
BTW libraries like HATEOAS rely on Host: header to return correct links in the response.
@sandipchitale
Copy link
Author

sandipchitale commented Nov 14, 2023
edited
Loading

Here is the code from Tomcat code that deals with :authority: pseudo header.

File: tomcat-embed-core-10.1.15-sources.jar!\org\apache\coyote\http2\Stream.java

  480:     private void parseAuthority(String value, boolean host) throws HpackException {
  481:         int i;
  482:         try {
  483:             i = Host.parse(value);
  484:         } catch (IllegalArgumentException iae) {
  485:             // Host value invalid
  486:             throw new HpackException(sm.getString("stream.header.invalid", getConnectionId(), getIdAsString(),
  487:                     host ? "host" : ":authority", value));
  488:         }
  489:         if (i > -1) {
  490:             coyoteRequest.serverName().setString(value.substring(0, i));
  491:             coyoteRequest.setServerPort(Integer.parseInt(value.substring(i + 1)));
  492:         } else {
  493:             coyoteRequest.serverName().setString(value);
  494:         }
  495:     }

NOTE: line 490 thru 493.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@spencergibb @sandipchitale