|
|
|
|
@ -83,7 +83,6 @@ abstract public class AbstractRemoteHandler extends AbstractHandler implements H
|
|
|
|
|
String host = request.getHeader("Host");
|
|
|
|
|
if (host == null) return; // no proxy request, continue processing by handlers
|
|
|
|
|
|
|
|
|
|
if (!Switchboard.getSwitchboard().getConfigBool("isTransparentProxy", false)) return;
|
|
|
|
|
|
|
|
|
|
int hostSplitPos = host.indexOf(':');
|
|
|
|
|
String hostOnly = hostSplitPos < 0 ? host : host.substring(0, hostSplitPos);
|
|
|
|
|
@ -95,9 +94,26 @@ abstract public class AbstractRemoteHandler extends AbstractHandler implements H
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// from here we can assume it is a proxy request
|
|
|
|
|
// should check proxy use permission
|
|
|
|
|
|
|
|
|
|
if (!Switchboard.getSwitchboard().getConfigBool("isTransparentProxy", false)) {
|
|
|
|
|
// transparent proxy not swiched on
|
|
|
|
|
response.sendError(HttpServletResponse.SC_FORBIDDEN,"proxy use not allowed.");
|
|
|
|
|
baseRequest.setHandled(true);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
String remoteHost = request.getRemoteHost();
|
|
|
|
|
InetAddress remoteIP = Domains.dnsResolve(remoteHost);
|
|
|
|
|
if (!remoteIP.isAnyLocalAddress() && !remoteIP.isLoopbackAddress()) return;
|
|
|
|
|
if (!remoteIP.isAnyLocalAddress() && !remoteIP.isLoopbackAddress()) {
|
|
|
|
|
// access not from local IP
|
|
|
|
|
// TODO: should .isLinkLocalAddress() be check ? & handle proxy account ~ ? use proxyClient config instead fix of localIP?
|
|
|
|
|
response.sendError(HttpServletResponse.SC_FORBIDDEN,
|
|
|
|
|
"proxy use not granted for IP " + remoteIP.getHostAddress() + " (see Server Proxy Access settings).");
|
|
|
|
|
baseRequest.setHandled(true);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
handleRemote(target, baseRequest, request, response);
|
|
|
|
|
|
|
|
|
|
|
reger
11 years ago