Closed
Description
Miranda LeBlanc opened SPR-12816 and commented
This issue is very similar to #17410. In the UriComponentsBuilder, the scheme is set using the following X-Forwarded-Proto which can be a comma separated list as well. For example, I am seeing "http,http" as the value of my X-Forwarded-Proto header.
String protocolHeader = request.getHeaders().getFirst("X-Forwarded-Proto");
if (StringUtils.hasText(protocolHeader)) {
scheme = protocolHeader;
}This causes issues later on when the URIs are built due to the invalid characters within the scheme.
Affects: 4.1.5
Issue Links:
- X-Forwarded-Port with Comma Separated List Not Able to be Parsed in Spring 4.1.x [SPR-12813] #17410 X-Forwarded-Port with Comma Separated List Not Able to be Parsed in Spring 4.1.x