* </tr>
* <tr>
* <td>internalProxies</td>
- * <td>List of internal proxies ip adress. If they appear in the <code>remoteIpHeader</code> value, they will be trusted and will not appear
+ * <td>Regular expression that matches the IP addresses of internal proxies.
+ * If they appear in the <code>remoteIpHeader</code> value, they will be
+ * trusted and will not appear
* in the <code>proxiesHeader</code> value</td>
* <td>RemoteIPInternalProxy</td>
- * <td>Regular expression (in the syntax supported by the {@link java.util.regex.Pattern} library)</td>
+ * <td>Regular expression (in the syntax supported by
+ * {@link java.util.regex.Pattern java.util.regex})</td>
* <td>10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3} <br/>
* By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 172.16/12 has not been enabled by default because it is complex to
* describe with regular expressions</td>
* </tr>
* <tr>
* <td>trustedProxies</td>
- * <td>List of trusted proxies ip adress. If they appear in the <code>remoteIpHeader</code> value, they will be trusted and will appear in
- * the <code>proxiesHeader</code> value</td>
+ * <td>Regular expression that matches the IP addresses of trusted proxies.
+ * If they appear in the <code>remoteIpHeader</code> value, they will be
+ * trusted and will appear in the <code>proxiesHeader</code> value</td>
* <td>RemoteIPTrustedProxy</td>
- * <td>Regular expression (in the syntax supported by the {@link java.util.regex.Pattern} library)</td>
+ * <td>Regular expression (in the syntax supported by
+ * {@link java.util.regex.Pattern java.util.regex})</td>
* <td> </td>
* </tr>
* <tr>
* <filter-name>RemoteIpFilter</filter-name>
* <filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
* <init-param>
- * <param-name>internalProxies</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value>
+ * <param-name>internalProxies</param-name>
+ * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value>
* </init-param>
* <init-param>
- * <param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value>
+ * <param-name>remoteIpHeader</param-name>
+ * <param-value>x-forwarded-for</param-value>
* </init-param>
* <init-param>
- * <param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value>
+ * <param-name>remoteIpProxiesHeader</param-name>
+ * <param-value>x-forwarded-by</param-value>
* </init-param>
* <init-param>
- * <param-name>protocolHeader</param-name><param-value>x-forwarded-proto</param-value>
+ * <param-name>protocolHeader</param-name>
+ * <param-value>x-forwarded-proto</param-value>
* </init-param>
* </filter>
*
* <filter-name>RemoteIpFilter</filter-name>
* <filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
* <init-param>
- * <param-name>internalProxies</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value>
+ * <param-name>internalProxies</param-name>
+ * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value>
* </init-param>
* <init-param>
- * <param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value>
+ * <param-name>remoteIpHeader</param-name>
+ * <param-value>x-forwarded-for</param-value>
* </init-param>
* <init-param>
- * <param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value>
+ * <param-name>remoteIpProxiesHeader</param-name>
+ * <param-value>x-forwarded-by</param-value>
* </init-param>
* <init-param>
- * <param-name>trustedProxies</param-name><param-value>proxy1, proxy2</param-value>
+ * <param-name>trustedProxies</param-name>
+ * <param-value>proxy1|proxy2</param-value>
* </init-param>
* </filter>
*
* <filter-name>RemoteIpFilter</filter-name>
* <filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
* <init-param>
- * <param-name>internalProxies</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value>
+ * <param-name>internalProxies</param-name>
+ * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value>
* </init-param>
* <init-param>
- * <param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value>
+ * <param-name>remoteIpHeader</param-name>
+ * <param-value>x-forwarded-for</param-value>
* </init-param>
* <init-param>
- * <param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value>
+ * <param-name>remoteIpProxiesHeader</param-name>
+ * <param-value>x-forwarded-by</param-value>
* </init-param>
* <init-param>
- * <param-name>trustedProxies</param-name><param-value>proxy1, proxy2</param-value>
+ * <param-name>trustedProxies</param-name>
+ * <param-value>proxy1|proxy2</param-value>
* </init-param>
* </filter>
*
* <filter-name>RemoteIpFilter</filter-name>
* <filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
* <init-param>
- * <param-name>internalProxies</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value>
+ * <param-name>internalProxies</param-name>
+ * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value>
* </init-param>
* <init-param>
- * <param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value>
+ * <param-name>remoteIpHeader</param-name>
+ * <param-value>x-forwarded-for</param-value>
* </init-param>
* <init-param>
- * <param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value>
+ * <param-name>remoteIpProxiesHeader</param-name>
+ * <param-value>x-forwarded-by</param-value>
* </init-param>
* <init-param>
- * <param-name>trustedProxies</param-name><param-value>proxy1, proxy2</param-value>
+ * <param-name>trustedProxies</param-name>
+ * <param-value>proxy1|proxy2</param-value>
* </init-param>
* </filter>
*
/**
* <p>
- * Regular expressions that defines the internal proxies.
+ * Regular expression that defines the internal proxies.
* </p>
* <p>
* Default value : 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
* </tr>
* <tr>
* <td>internalProxies</td>
- * <td>List of internal proxies ip adress. If they appear in the <code>remoteIpHeader</code> value, they will be trusted and will not appear
+ * <td>Regular expression that matches the IP addresses of internal proxies.
+ * If they appear in the <code>remoteIpHeader</code> value, they will be
+ * trusted and will not appear
* in the <code>proxiesHeader</code> value</td>
* <td>RemoteIPInternalProxy</td>
- * <td>Regular expression (in the syntax supported by the {@link java.util.regex.Pattern} library)</td>
+ * <td>Regular expression (in the syntax supported by
+ * {@link java.util.regex.Pattern java.util.regex})</td>
* <td>10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}<br/>
* By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 172.16/12 has not been enabled by default because it is complex to
* describe with regular expressions</td>
* </tr>
* <tr>
* <td>trustedProxies</td>
- * <td>List of trusted proxies ip adress. If they appear in the <code>remoteIpHeader</code> value, they will be trusted and will appear
- * in the <code>proxiesHeader</code> value</td>
+ * <td>Regular expression that matches the IP addresses of trusted proxies.
+ * If they appear in the <code>remoteIpHeader</code> value, they will be
+ * trusted and will appear in the <code>proxiesHeader</code> value</td>
* <td>RemoteIPTrustedProxy</td>
- * <td>Regular expression (in the syntax supported by the {@link java.util.regex.Pattern} library)</td>
+ * <td>Regular expression (in the syntax supported by
+ * {@link java.util.regex.Pattern java.util.regex})</td>
* <td> </td>
* </tr>
* <tr>
* <code><pre>
* <Valve
* className="org.apache.catalina.valves.RemoteIpValve"
- * internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ * internalProxies="192\.168\.0\.10|192\.168\.0\.11"
* remoteIpHeader="x-forwarded-for"
* remoteIpProxiesHeader="x-forwarded-by"
* protocolHeader="x-forwarded-proto"
* <code><pre>
* <Valve
* className="org.apache.catalina.valves.RemoteIpValve"
- * internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ * internalProxies="192\.168\.0\.10|192\.168\.0\.11"
* remoteIpHeader="x-forwarded-for"
* remoteIpProxiesHeader="x-forwarded-by"
- * trustedProxies="proxy1, proxy2"
+ * trustedProxies="proxy1|proxy2"
* /></pre></code>
* <p>
* Request values:
* <code><pre>
* <Valve
* className="org.apache.catalina.valves.RemoteIpValve"
- * internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ * internalProxies="192\.168\.0\.10|192\.168\.0\.11"
* remoteIpHeader="x-forwarded-for"
* remoteIpProxiesHeader="x-forwarded-by"
- * trustedProxies="proxy1, proxy2"
+ * trustedProxies="proxy1|proxy2"
* /></pre></code>
* <p>
* Request values:
* <code><pre>
* <Valve
* className="org.apache.catalina.valves.RemoteIpValve"
- * internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ * internalProxies="192\.168\.0\.10|192\.168\.0\.11"
* remoteIpHeader="x-forwarded-for"
* remoteIpProxiesHeader="x-forwarded-by"
- * trustedProxies="proxy1, proxy2"
+ * trustedProxies="proxy1|proxy2"
* /></pre></code>
* <p>
* Request values:
/**
* @see #setInternalProxies(String)
- * @return comma delimited list of internal proxies
+ * @return Regular expression that defines the internal proxies
*/
public String getInternalProxies() {
if (internalProxies == null) {
/**
* @see #setTrustedProxies(String)
- * @return comma delimited list of trusted proxies
+ * @return Regular expression that defines the trusted proxies
*/
public String getTrustedProxies() {
if (trustedProxies == null) {
/**
* <p>
- * Regular expressions that defines the internal proxies.
+ * Regular expression that defines the internal proxies.
* </p>
* <p>
* Default value : 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
writeable="false"/>
<attribute name="internalProxies"
- description="Comma delimited list of internal proxies"
+ description="Regular expression that matches IP addresses of internal proxies"
type="java.lang.String"
writeable="false" />
writeable="false"/>
<attribute name="trustedProxies"
- description="Comma delimited list of trusted proxies"
+ description="Regular expression that matches IP addresses of trusted proxies"
type="java.lang.String"
writeable="false" />
public void testInvokeAllowedRemoteAddrWithNullRemoteIpHeader() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
- filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10, 192\\.168\\.0\\.11");
- filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+ filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
+ filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
- filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+ filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
public void testInvokeNotAllowedRemoteAddr() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
- filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10, 192\\.168\\.0\\.11");
- filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+ filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
+ filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
</init-param>
<init-param>
<param-name>trustedProxies</param-name>
- <param-value>proxy1, proxy2</param-value>
+ <param-value>proxy1|proxy2</param-value>
</init-param>
</filter>
</source>
</init-param>
<init-param>
<param-name>trustedProxies</param-name>
- <param-value>proxy1, proxy2</param-value>
+ <param-value>proxy1|proxy2</param-value>
</init-param>
</filter>
</source>
</init-param>
<init-param>
<param-name>trustedProxies</param-name>
- <param-value>proxy1, proxy2</param-value>
+ <param-value>proxy1|proxy2</param-value>
</init-param>
</filter>
</source>
projects / tomcat7.0 / commitdiff