request.getScheme() 方法返回了错误的值

huangapple go评论91阅读模式
英文:

request.getScheme() method is returning wrong value

问题

我在jsp中有一个https到https的重定向代码。我正试图通过以下代码应用重定向逻辑:

String uri = request.getRequestURI();
String servername = request.getServerName();
String contextPath = request.getContextPath();
String scheme = request.getScheme();
int portname = request.getServerPort();

if (scheme.startsWith("https")) {
    String port = workBean.getProperty("SSLPort");
    response.sendRedirect("https://" + servername + ":" + port + "/xyz/login.jsp");
} else {
    String port = workBean.getProperty("HttpPort");
    response.sendRedirect("http://" + servername + ":" + port + "/xyz/login.jsp");
}

然而,if条件在处理https时没有正常工作。我在https上使用了负载均衡器。

请告诉我我做错了什么,如何解决这个问题。

英文:

I have a https-https redirection code in a jsp. I am trying to apply the redirection logic via the following code :

String uri         = request.getRequestURI();
String servername  = request.getServerName();
String contextPath = request.getContextPath();
String scheme      = request.getScheme();
int portname       = request.getServerPort();

if(scheme.startsWith("https")){
	  String port = workBean.getProperty("SSLPort");
      response.sendRedirect("https://"+servername+":"+ port +"/xyz/login.jsp");
} else {
	  String port = workBean.getProperty("HttpPort");
      response.sendRedirect("http://"+servername+":"+port+"/xyz/login.jsp");
}

However the if condition is not correctly working for https. I am using a load balancer for https.

Please tell me where I am doing wrong and how to fix the issue.

答案1

得分: 1

如果您正在使用负载均衡器,请尝试检查标头X-Forwarded-Proto。许多负载均衡器/代理会设置此标头,或者您可以配置它们来设置此标头。

根据您使用的Servlet容器及其配置方式,标头X-Forwarded-Proto的值有时直接用于方案字段。

但是,您也可以从请求中自己读取标头,并在可用时使用它代替方案。

> X-Forwarded-Proto(XFP)标头是用于识别客户端与代理或负载均衡器之间连接所使用的协议(HTTP或HTTPS)的事实上的标准标头。[...] 为了确定客户端与负载均衡器之间使用的协议,可以使用X-Forwarded-Proto请求标头。

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto

英文:

If you are using a load balancer, did you try to check for the header X-Forwarded-Proto. Many load balacers/proxies set this header or you can configure them to set this header.

Depending on what servlet container you are using and how it is configured the value of the header X-Forwarded-Proto is sometimes directly used by the scheme field.

But also you could read the header yourself from the request and use it instead of the scheme if it's available.

> The X-Forwarded-Proto (XFP) header is a de-facto standard header for identifying the protocol (HTTP or HTTPS) that a client used to connect to your proxy or load balancer. [...] To determine the protocol used between the client and the load balancer, the X-Forwarded-Proto request header can be used.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto

huangapple
  • 本文由 发表于 2020年8月18日 15:45:25
  • 转载请务必保留本文链接:https://go.coder-hub.com/63464027.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定