Gitblit devel
parent: bb55f5ae | patch | commit | ignore whitespace
James Moger
2012-08-02 f1b488ea55c036931d14e6b0df6ed711e3189212 
Support for X-Forwarded-Proto and X-Forwarded-Port (issue-115)
3 files modified
48 ■■■■■ changed files
docs/01_setup.mkd 4 ●●●● patch | view | raw | blame | history
docs/04_releases.mkd 1 ●●●● patch | view | raw | blame | history
src/com/gitblit/utils/HttpUtils.java 43 ●●●●● patch | view | raw | blame | history 
 docs/01_setup.mkd


@@ -156,6 +156,10 @@


# If your httpd frontend is https but you are proxying http Gitblit WAR or GO



#Header edit Location ^http://([^⁄]+)/gitblit/ https://$1/gitblit/







# Additionally you will want to tell Gitblit the original scheme and port



#Header set X-Forwarded-Proto https



#Header set X-Forwarded-Port 443







#ProxyPass /gitblit ajp://localhost:8009/gitblit



%ENDCODE%  



**Please** make sure to:  





 docs/04_releases.mkd


@@ -11,6 +11,7 @@






#### fixes







- Repository URL uses `X-Forwarded-Proto` and `X-Forwarded-Port`, if available, for reverse proxy configurations (issue 115)



- Fixes to relative path determination in repository searh algorithm for symlinks (issue 116)



- Output real RAW content, not simulated RAW content (issue 114)



- Fixed Lucene charset encoding bug when reindexing a repository (issue 112)





 src/com/gitblit/utils/HttpUtils.java


@@ -32,13 +32,48 @@


     * @return the host url



     */



    public static String getGitblitURL(HttpServletRequest request) {



        // default to the request scheme and port



        String scheme = request.getScheme();



        int port = request.getServerPort();







        // try to use reverse-proxy server's port



        String forwardedPort = request.getHeader("X-Forwarded-Port");



        if (StringUtils.isEmpty(forwardedPort)) {



            forwardedPort = request.getHeader("X_Forwarded_Port");



        }



        if (!StringUtils.isEmpty(forwardedPort)) {



            // reverse-proxy server has supplied the original port



            try {



                port = Integer.parseInt(forwardedPort);



            } catch (Throwable t) {



            }



        }



        


        // try to use reverse-proxy server's scheme



        String forwardedScheme = request.getHeader("X-Forwarded-Proto");



        if (StringUtils.isEmpty(forwardedScheme)) {



            forwardedScheme = request.getHeader("X_Forwarded_Proto");



        }



        if (!StringUtils.isEmpty(forwardedScheme)) {



            // reverse-proxy server has supplied the original scheme



            scheme = forwardedScheme;



        	


            if ("https".equals(scheme) && port == 80) {



                // proxy server is https, inside server is 80



                // this is likely because the proxy server has not supplied



                // x-forwarded-port. since 80 is almost definitely wrong,



                // make an educated guess that 443 is correct.



                port = 443;



            }



        }



        


        StringBuilder sb = new StringBuilder();



        sb.append(request.getScheme());



        sb.append(scheme);



        sb.append("://");



        sb.append(request.getServerName());



        if ((request.getScheme().equals("http") && request.getServerPort() != 80)



                || (request.getScheme().equals("https") && request.getServerPort() != 443)) {



            sb.append(":" + request.getServerPort());



        if (("http".equals(scheme) && port != 80)



                || ("https".equals(scheme) && port != 443)) {



            sb.append(":" + port);



        }



        sb.append(request.getContextPath());



        return sb.toString();