Yes, there are two reasons:
1) The Tomcat valves operate on all webapps. We only need/require this
for one particular webapp without affecting the others.
2) The code has been simplified for illustration purposes. Besides
X-Forwarded-For, we detect and work around many other custom external
mo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Manuel,
On 2/5/20 12:12 PM, Manuel Dominguez Sarmiento wrote:
> Our filter is not doing anything fancy (and it has always worked
> correctly before we ran into this bug). In pseudo-code:
>
> public doFilter(request, response) {
>
> String ip = re
Our filter is not doing anything fancy (and it has always worked
correctly before we ran into this bug). In pseudo-code:
public doFilter(request, response) {
String ip = request.getRemoteAddr();
boolean isProxy = isProxy(ip);
if (isProxy) {
String unwrappedIP = unwrapXForwar
On 04/02/2020 22:27, Manuel Dominguez Sarmiento wrote:
> We are getting the NPEs in a top-of-the-chain servlet filter which
> decorates HttpServletRequest.getRemoteAddr() before actual servlet
> processing. Only on HTTP/2 and in a very small number of cases. Perhaps
> we should test 9.0.31 and see
Am 04.02.2020 22:16, schrieb Hua Zhang:
What I mean with word 'works' is: the RewriteRule has been executed.
That is not the case by HTTPS. The rule has not been executed while the
RewriteCond is fulfilled.
Can you give us more information on your setup? Is there any
Proxy/Loadbalancer in fro
