1 //
2 // ========================================================================
3 // Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
8 //
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
11 //
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
14 //
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
17 //
18
19 package org.eclipse.jetty.server;
20
21 import java.util.Objects;
22
23 import javax.servlet.http.HttpServletRequest;
24
25 /**
26 * Customizes requests that lack the {@code Host} header (for example, HTTP 1.0 requests).
27 * <p>
28 * In case of HTTP 1.0 requests that lack the {@code Host} header, the application may issue
29 * a redirect, and the {@code Location} header is usually constructed from the {@code Host}
30 * header; if the {@code Host} header is missing, the server may query the connector for its
31 * IP address in order to construct the {@code Location} header, and thus leak to clients
32 * internal IP addresses.
33 * <p>
34 * This {@link HttpConfiguration.Customizer} is configured with a {@code serverName} and
35 * optionally a {@code serverPort}.
36 * If the {@code Host} header is absent, the configured {@code serverName} will be set on
37 * the request so that {@link HttpServletRequest#getServerName()} will return that value,
38 * and likewise for {@code serverPort} and {@link HttpServletRequest#getServerPort()}.
39 */
40 public class HostHeaderCustomizer implements HttpConfiguration.Customizer
41 {
42 private final String serverName;
43 private final int serverPort;
44
45 /**
46 * @param serverName the {@code serverName} to set on the request (the {@code serverPort} will not be set)
47 */
48 public HostHeaderCustomizer(String serverName)
49 {
50 this(serverName, 0);
51 }
52
53 /**
54 * @param serverName the {@code serverName} to set on the request
55 * @param serverPort the {@code serverPort} to set on the request
56 */
57 public HostHeaderCustomizer(String serverName, int serverPort)
58 {
59 this.serverName = Objects.requireNonNull(serverName);
60 this.serverPort = serverPort;
61 }
62
63 @Override
64 public void customize(Connector connector, HttpConfiguration channelConfig, Request request)
65 {
66 if (request.getHeader("Host") == null)
67 request.setAuthority(serverName,serverPort); // TODO set the field as well?
68 }
69 }