deny proxied connections

Author: Vladimir Kotal

opengrok-web/src/main/java/org/opengrok/web/api/v1/filter/IncomingFilter.java

@@ -110,6 +110,13 @@ public void filter(final ContainerRequestContext context) {
             return;
         }
 
+        if (request.getHeader("X-Forwarded-For") != null || request.getHeader("Forwarded") != null) {
+            logger.log(Level.FINEST, "denying request to {0} due to existence of forwarded header in the request",
+                    path);
+            context.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
+            return;
+        }
+
         if (localAddresses.contains(request.getRemoteAddr())) {
             logger.log(Level.FINEST, "allowing request to {0} based on localhost IP address", path);
             return;

opengrok-web/src/test/java/org/opengrok/web/api/v1/filter/IncomingFilterTest.java

@@ -79,6 +79,22 @@ private void nonLocalhostTestWithToken(boolean allowed) throws Exception {
         }
     }
 
+    @Test
+    public void localhostTestWithForwardedHeader() throws Exception {
+        Map<String, String> headers = new TreeMap<>();
+        headers.put("X-Forwarded-For", "192.0.2.43, 2001:db8:cafe::17");
+        IncomingFilter filter = mockWithRemoteAddress("127.0.0.1", headers, true);
+
+        ContainerRequestContext context = mockContainerRequestContext("test");
+
+        ArgumentCaptor<Response> captor = ArgumentCaptor.forClass(Response.class);
+
+        filter.filter(context);
+
+        verify(context).abortWith(captor.capture());
+        assertEquals(Response.Status.UNAUTHORIZED.getStatusCode(), captor.getValue().getStatus());
+    }
+
     @Test
     public void nonLocalhostTestWithoutToken() throws Exception {
         IncomingFilter filter = mockWithRemoteAddress("192.168.1.1");
@@ -166,5 +182,4 @@ public void searchTest() throws Exception {
 
         verify(context, never()).abortWith(captor.capture());
     }
-
 }