-
Type:
Bug
-
Status: Closed
-
Resolution: Unresolved
-
Affects Version/s: 6.10.0
-
Fix Version/s: 6.11.0
-
Component/s: None
-
Labels:None
-
Severity:Medium
In case a load balancer was configured to listen not on port 80 or 443 and:
1. base url wasn't
2. "X-Artifactory-Override-Base-Url" wasn't set
Wrong url will be resolved.
We are taking the port from the request but tomcat is changing it, https://bz.apache.org/bugzilla/show_bug.cgi?id=63196
before checking the port and scheme on the request we should check for
X-Forwarded-Port and X-Forwarded-Proto headers