ForwardedHeaderSupport

note

ForwardedHeaderSupport - 图1

This help topic is in development and will be updated in the future.

This feature allows you to handle reverse proxy headers to get information about the original request when it’s behind a proxy.

  • ForwardedHeaderSupport handles the standard Forwarded header (RFC 7239)

  • XForwardedHeaderSupport handles the non-standard (but standard de-facto) X-Forwarded-Host/X-Forwarded-Server, X-Forwarded-For, X-Forwarded-By, X-Forwarded-Proto/X-Forwarded-Protocol and X-Forwarded-SSL/Front-End-Https

note

ForwardedHeaderSupport - 图2

Only install these features if you have a reverse proxy supporting these headers serving your requests. In other cases, a client will be able to manipulate these headers.

Usage

These features don’t require any special configuration. You can install any of the two depending on your reverse proxy, but since the standard is the Forwarded header, you should favor it whenever possible.

  1. install(ForwardedHeaderSupport)

or

  1. install(XForwardedHeaderSupport)

Request information

You can see all the available request properties on the Requests page.

The proxy request information

You can read the raw or local request information, read from the received normal headers and socket properties, that correspond to the proxy request using the request.local property:

  1. val scheme = request.local.scheme
  2. val version = request.local.version
  3. val port = request.local.port
  4. val host = request.local.host
  5. val uri = request.local.uri
  6. val method = request.local.method
  7. val remoteHost = request.local.remoteHost

The original request information

You can read the original request information, read from the Forwarded or X-Forwarded-* headers with fallback to the raw headers, that corresponds to original client request using the request.origin property:

  1. val scheme = request.origin.scheme // Determined from X-Forwarded-Proto / X-Forwarded-Protocol / X-Forwarded-SSL
  2. val version = request.origin.version
  3. val port = request.origin.port // Determined from X-Forwarded-Host / X-Forwarded-Server
  4. val host = request.origin.host // Determined from X-Forwarded-Host / X-Forwarded-Server
  5. val uri = request.origin.uri
  6. val method = request.origin.method
  7. val remoteHost = request.origin.remoteHost // Determined from X-Forwarded-For

In the cases where you need the X-Forwarded-By (the interface used for the socket), you can access the raw X-Forwarded properties with:

  1. val forwardedValues: List<ForwardedHeaderSupport.ForwardedHeaderValue> = call.attributes[ForwardedHeaderSupport.ForwardedParsedKey]
  1. data class ForwardedHeaderValue(val host: String?, val by: String?, val forParam: String?, val proto: String?, val others: Map<String, String>)

Header description

The standard Forwarded header looks like this:

Forwarded: by=<identifier>; for=<identifier>; host=<host>; proto=<http|https>

  • by - The interface where the request came in to the proxy server.

  • for - The client that initiated the request and subsequent proxies in a chain of proxies.

  • host - The Host request header field as received by the proxy.

  • proto - Indicates which protocol was used to make the request (typically “http” or “https”).

note

ForwardedHeaderSupport - 图3

You can read more about Forwarded in the MDN documentation.