Parse X-Forwarded-Port header even if X-Forwarded-Host is not present

[pderop]

Always takes into account any available X-Forwarded-Port header even if the X-Forwarded-Host header is missing.

Fixes #2751

[violetagg]

@pderop What do you think about this? We need to recreate the host information only if we are able to parse the port.

String hostHeader = request.headers().get(X_FORWARDED_HOST_HEADER);
if (hostHeader != null) {
	connectionInfo = connectionInfo.withHostAddress(
			AddressUtils.parseAddress(hostHeader.split(",", 2)[0].trim(),
					getDefaultHostPort(connectionInfo), DEFAULT_FORWARDED_HEADER_VALIDATION));
}

String portHeader = request.headers().get(X_FORWARDED_PORT_HEADER);
if (portHeader != null && !portHeader.isEmpty()) {
	String portStr = portHeader.split(",", 2)[0].trim();
	if (portStr.chars().allMatch(Character::isDigit)) {
		int port = Integer.parseInt(portStr);
		connectionInfo = new ConnectionInfo(
				AddressUtils.createUnresolved(connectionInfo.getHostAddress().getHostString(), port),
				connectionInfo.getHostName(), port, connectionInfo.getRemoteAddress(), connectionInfo.getScheme());
	}
	else if (DEFAULT_FORWARDED_HEADER_VALIDATION) {
		throw new IllegalArgumentException("Failed to parse a port from " + portHeader);
	}
}

[violetagg]

Let's check also the host address as we do in the rest of the tests

Suggested change

	Assertions.assertThat(serverRequest.remoteAddress().getHostString()).isEqualTo("192.168.0.1");
	Assertions.assertThat(serverRequest.remoteAddress().getHostString()).isEqualTo("192.168.0.1");
	Assertions.assertThat(serverRequest.hostAddress().getHostString())
	.containsPattern("^0:0:0:0:0:0:0:1(%\\w*)?|127.0.0.1$");
	Assertions.assertThat(serverRequest.hostAddress().getPort()).isEqualTo(8443);

[pderop]

I have Applied the two feedbacks. Can you recheck please ?

Indeed, recreating the host information only if we are able to parse X-Forwarded-Port has the following benefit: if X-Forwarded-Host is present and contains a port and if X-Forwarded-Port is present but is malformed, then now we do not ignore the X-Forwarded-Host port (if it was present).

[pderop]

@violetagg , thanks for the review.