You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Note that line 1700 is a more limited handling of https. It is only for when it is in the URI - ie for a proxied or HTTP/2 request
It will not trigger if a customiser has set the scheme... but then it may not need to....
Jetty version
10.0.x
Description
A request with
https
in it's scheme + authority will not return true forRequest.isSecure()
.The recent merge from
jetty-9.4.x
tojetty-10.0.x
with ForwardingRequestCustomizerTest improvements highlighted this behavior.See merge: 6856009#diff-6a150c3e05fb3d2c83189d7ded784eba8781a738a6018699bc082d46f176ee0eR697
That merge added a seemingly missing line in HttpChannel.onRequest().
But the change in Jetty 10 seems to prefer that to occur in Request.setMetadata() instead (line 1700).
https://github.com/eclipse/jetty.project/blob/68560090fe7332e28335335ed3ac43492b1d391d/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java#L1683-L1700
This change made during the merge should be reviewed.
The text was updated successfully, but these errors were encountered: