[teiid-issues] [JBoss JIRA] (TEIID-5942) OData request fails when Host header specifies also port

Steven Hawkins (Jira) issues at jboss.org
Mon Apr 20 13:12:35 EDT 2020 

    [ https://issues.redhat.com/browse/TEIID-5942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14047044#comment-14047044 ] 

Steven Hawkins commented on TEIID-5942:
---------------------------------------

The root issue seems to be that the proxy is setting both the X-Forwarded-Host with host and port and the X-Forwarded-Port property.  That is not expected and I dare say seems like an issue with the proxy - if it is setting X-Forwarded-Port, it should not include that in the X-Forwarded-Host.  In any case we can fix it on our side.

> OData request fails when Host header specifies also port
> --------------------------------------------------------
>
>                 Key: TEIID-5942
>                 URL: https://issues.redhat.com/browse/TEIID-5942
>             Project: Teiid
>          Issue Type: Bug
>          Components: OData
>            Reporter: Steven Hawkins
>            Assignee: Steven Hawkins
>            Priority: Blocker
>
> TLDR: using the URLs returned in odata responses for new requests in apache http client causes 406 in the server pod because it tries to add the port twice to the url
> ----
> The current implementation of odata endpoint always adds the port to the returned links (such as {{context}} or {{nextLink}}), even when using the default port and not specifying it in the request:
> {code}
> $ curl -s -k https://host/odata/Source/SimpleTableView  | jq '."@odata.context"'             
> "https://host:443/odata/Source/$metadata#SimpleTableView"
> {code}
> This is ok, but will be important for triggering the issue later.
> Tools such as {{curl}} or web browsers strip the port from the hostname before they set it in the {{Host}} header on the HTTP request:
> {code}
> $ curl -vs -k https://host/odata/Source/SimpleTableView 2>&1  | grep 'Host:'
> > Host: host
> {code}
> However, the Apache HTTP client java client (also used by the olingo odata 4 client) does not strip the port, resulting in {{Host}} header such as 
> {code}
> Host: host:443
> {code}
> This is in fact in line with [RFC 2616|https://tools.ietf.org/html/rfc2616#section-14.23] which states 
> {quote}
> The Host request-header field specifies the Internet host and port
>    number of the resource being requested, as obtained from the original
>    URI given by the user or referring resource
> {quote}
> Requests with such a header will fail in the vdb pod with the following exception:
> {code}
> Caused by: java.lang.RuntimeException: Unable to create URI: https://host:443:443/odata/Source/SimpleTableView
> 	at org.teiid.olingo.web.ProxyHttpServletRequest.<init>(ProxyHttpServletRequest.java:85) ~[teiid-olingo-13.1.1.fuse-jdk11-800015-redhat-00001.jar!/:13.1.1.fuse-jdk11-800015-redhat-00001]
> 	at org.teiid.spring.odata.SpringODataFilter.handleProxiedRequest(SpringODataFilter.java:218) ~[spring-odata-1.4.1.fuse-jdk11-800012-redhat-00001.jar!/:1.4.1.fuse-jdk11-800012-redhat-00001]
> 	at org.teiid.spring.odata.SpringODataFilter.preHandle(SpringODataFilter.java:73) ~[spring-odata-1.4.1.fuse-jdk11-800012-redhat-00001.jar!/:1.4.1.fuse-jdk11-800012-redhat-00001]
> 	at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:136) ~[spring-webmvc-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
> 	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1034) ~[spring-webmvc-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
> 	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942) ~[spring-webmvc-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
> 	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005) ~[spring-webmvc-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
> 	... 66 common frames omitted
> Caused by: java.net.MalformedURLException: Error at index 3 in: "443:443"
> 	at java.base/java.net.URL.<init>(URL.java:679) ~[na:na]
> 	at java.base/java.net.URL.<init>(URL.java:541) ~[na:na]
> 	at java.base/java.net.URL.<init>(URL.java:488) ~[na:na]
> 	at org.teiid.olingo.web.ProxyHttpServletRequest.<init>(ProxyHttpServletRequest.java:83) ~[teiid-olingo-13.1.1.fuse-jdk11-800015-redhat-00001.jar!/:13.1.1.fuse-jdk11-800015-redhat-00001]
> 	... 72 common frames omitted
> {code}
> Notice {{443:443}}, it appears the backend is trying to add the port even though it's already there, which makes the resulting URL invalid.



--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the teiid-issues mailing list