英文:
request.getScheme() method is returning wrong value
问题
我在jsp中有一个https到https的重定向代码。我正试图通过以下代码应用重定向逻辑:
String uri = request.getRequestURI();
String servername = request.getServerName();
String contextPath = request.getContextPath();
String scheme = request.getScheme();
int portname = request.getServerPort();
if (scheme.startsWith("https")) {
String port = workBean.getProperty("SSLPort");
response.sendRedirect("https://" + servername + ":" + port + "/xyz/login.jsp");
} else {
String port = workBean.getProperty("HttpPort");
response.sendRedirect("http://" + servername + ":" + port + "/xyz/login.jsp");
}
然而,if条件在处理https时没有正常工作。我在https上使用了负载均衡器。
请告诉我我做错了什么,如何解决这个问题。
英文:
I have a https-https redirection code in a jsp. I am trying to apply the redirection logic via the following code :
String uri = request.getRequestURI();
String servername = request.getServerName();
String contextPath = request.getContextPath();
String scheme = request.getScheme();
int portname = request.getServerPort();
if(scheme.startsWith("https")){
String port = workBean.getProperty("SSLPort");
response.sendRedirect("https://"+servername+":"+ port +"/xyz/login.jsp");
} else {
String port = workBean.getProperty("HttpPort");
response.sendRedirect("http://"+servername+":"+port+"/xyz/login.jsp");
}
However the if condition is not correctly working for https. I am using a load balancer for https.
Please tell me where I am doing wrong and how to fix the issue.
答案1
得分: 1
如果您正在使用负载均衡器,请尝试检查标头X-Forwarded-Proto
。许多负载均衡器/代理会设置此标头,或者您可以配置它们来设置此标头。
根据您使用的Servlet容器及其配置方式,标头X-Forwarded-Proto
的值有时直接用于方案字段。
但是,您也可以从请求中自己读取标头,并在可用时使用它代替方案。
> X-Forwarded-Proto
(XFP)标头是用于识别客户端与代理或负载均衡器之间连接所使用的协议(HTTP或HTTPS)的事实上的标准标头。[...] 为了确定客户端与负载均衡器之间使用的协议,可以使用X-Forwarded-Proto
请求标头。
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
英文:
If you are using a load balancer, did you try to check for the header X-Forwarded-Proto
. Many load balacers/proxies set this header or you can configure them to set this header.
Depending on what servlet container you are using and how it is configured the value of the header X-Forwarded-Proto
is sometimes directly used by the scheme field.
But also you could read the header yourself from the request and use it instead of the scheme if it's available.
> The X-Forwarded-Proto (XFP) header is a de-facto standard header for identifying the protocol (HTTP or HTTPS) that a client used to connect to your proxy or load balancer. [...] To determine the protocol used between the client and the load balancer, the X-Forwarded-Proto request header can be used.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论