* lib/webrick/httprequest.rb (setup_forwarded_info): Parsing request

  header failed when the request is from 2 or more Apache reverse 
  proxies. It's said that all X-Forwarded-* headers will contain more
  than one (comma-separated) value if the original request already
  contained one of these headers.  Since we could use these values as
  Host header, we choose the initial(first) value. See #4922.

* test/webrick/test_httprequest.rb (test_forwarded): Test it.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32222 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

3 files changed, 42 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index bdf2faa01f..9f6c08a5f1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+Fri Jun 24 19:57:30 2011  Hiroshi Nakamura  <nahi@ruby-lang.org>
+
+	* lib/webrick/httprequest.rb (setup_forwarded_info): Parsing request
+	  header failed when the request is from 2 or more Apache reverse
+	  proxies. It's said that all X-Forwarded-* headers will contain more
+	  than one (comma-separated) value if the original request already
+	  contained one of these headers.  Since we could use these values as
+	  Host header, we choose the initial(first) value. See #4922.
+
+	* test/webrick/test_httprequest.rb (test_forwarded): Test it.
+
 Fri Jun 24 17:06:33 2011  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* process.c (proc_daemon): should not start timer thread
diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
index 5dda878e99..1e8789d2d6 100644
--- a/lib/webrick/httprequest.rb
+++ b/lib/webrick/httprequest.rb
@@ -434,10 +434,18 @@ module WEBrick
       ^(::ffff:)?(10|172\.(1[6-9]|2[0-9]|3[01])|192\.168)\.
     /ixo
 
+    # It's said that all X-Forwarded-* headers will contain more than one
+    # (comma-separated) value if the original request already contained one of
+    # these headers. Since we could use these values as Host header, we choose
+    # the initial(first) value. (apr_table_mergen() adds new value after the
+    # existing value with ", " prefix)
     def setup_forwarded_info
-      @forwarded_server = self["x-forwarded-server"]
+      if @forwarded_server = self["x-forwarded-server"]
+        @forwarded_server = @forwarded_server.split(",", 2).first
+      end
       @forwarded_proto = self["x-forwarded-proto"]
       if host_port = self["x-forwarded-host"]
+        host_port = host_port.split(",", 2).first
         @forwarded_host, tmp = host_port.split(":", 2)
         @forwarded_port = (tmp || (@forwarded_proto == "https" ? 443 : 80)).to_i
       end
diff --git a/test/webrick/test_httprequest.rb b/test/webrick/test_httprequest.rb
index 2d96c2fcb0..d8467d4b4e 100644
--- a/test/webrick/test_httprequest.rb
+++ b/test/webrick/test_httprequest.rb
@@ -303,6 +303,28 @@ class TestWEBrickHTTPRequest < Test::Unit::TestCase
     assert_equal(443, req.port)
     assert_equal("234.234.234.234", req.remote_ip)
     assert(req.ssl?)
+
+    msg = <<-_end_of_message_
+      GET /foo HTTP/1.1
+      Host: localhost:10080
+      Client-IP: 234.234.234.234
+      X-Forwarded-Proto: https
+      X-Forwarded-For: 192.168.1.10
+      X-Forwarded-Host: forward1.example.com:1234, forward2.example.com:5678
+      X-Forwarded-Server: server1.example.com, server2.example.com
+      X-Requested-With: XMLHttpRequest
+      Connection: Keep-Alive
+
+    _end_of_message_
+    msg.gsub!(/^ {6}/, "")
+    req = WEBrick::HTTPRequest.new(WEBrick::Config::HTTP)
+    req.parse(StringIO.new(msg))
+    assert_equal("server1.example.com", req.server_name)
+    assert_equal("https://forward1.example.com:1234/foo", req.request_uri.to_s)
+    assert_equal("forward1.example.com", req.host)
+    assert_equal(1234, req.port)
+    assert_equal("234.234.234.234", req.remote_ip)
+    assert(req.ssl?)
   end
 
   def test_continue_sent