org.argeo.cms.ee/src/org/argeo/cms/servlet/ServletUtils.java

   1 package org.argeo.cms.servlet;
   2
   3 import static org.argeo.cms.http.HttpHeader.VIA;
   4 import static org.argeo.cms.http.HttpHeader.X_FORWARDED_HOST;
   5
   6 import java.net.URI;
   7 import java.util.ArrayList;
   8 import java.util.Enumeration;
   9 import java.util.List;
  10
  11 import javax.servlet.http.HttpServletRequest;
  12
  13 /** Servlet utilities. */
  14 public class ServletUtils {
  15
  16         /**
  17          * The base URL for this query (without any path component (not even an ending
  18          * '/'), taking into account reverse proxies.
  19          */
  20         public static StringBuilder getRequestUrlBase(HttpServletRequest req) {
  21                 return getRequestUrlBase(req, false);
  22         }
  23
  24         /**
  25          * The base URL for this query (without any path component (not even an ending
  26          * '/'), taking into account reverse proxies.
  27          *
  28          * @param forceReverseProxyHttps if a reverse proxy is detected and this is set
  29          *                               to true, the https scheme will be used. This is
  30          *                               to work around issued when the an https reverse
  31          *                               proxy is talking to an http application.
  32          */
  33         public static StringBuilder getRequestUrlBase(HttpServletRequest req, boolean forceReverseProxyHttps) {
  34                 List<String> viaHosts = new ArrayList<>();
  35                 for (Enumeration<String> it = req.getHeaders(VIA.getHeaderName()); it.hasMoreElements();) {
  36                         String[] arr = it.nextElement().split(" ");
  37                         viaHosts.add(arr[1]);
  38                 }
  39
  40                 String outerHost = viaHosts.isEmpty() ? null : viaHosts.get(0);
  41                 if (outerHost == null) {
  42                         // Try non-standard header
  43                         String forwardedHost = req.getHeader(X_FORWARDED_HOST.getHeaderName());
  44                         if (forwardedHost != null) {
  45                                 String[] arr = forwardedHost.split(",");
  46                                 outerHost = arr[0];
  47                         }
  48                 }
  49
  50                 URI requestUrl = URI.create(req.getRequestURL().toString());
  51
  52                 boolean isReverseProxy = outerHost != null && !outerHost.equals(requestUrl.getHost());
  53                 if (isReverseProxy) {
  54                         String protocol;
  55                         if (forceReverseProxyHttps)
  56                                 protocol = "https";
  57                         else
  58                                 protocol = req.isSecure() ? "https" : "http";
  59                         return new StringBuilder(protocol + "://" + outerHost);
  60                 } else {
  61                         return new StringBuilder(requestUrl.getScheme() + "://" + requestUrl.getHost()
  62                                         + (requestUrl.getPort() > 0 ? ":" + requestUrl.getPort() : ""));
  63                 }
  64         }
  65
  66         /** singleton */
  67         private ServletUtils() {
  68         }
  69 }