From cc557833a414b68abc81825dddf49491c54fa80f Mon Sep 17 00:00:00 2001 From: Sjoerd Mulder Date: Mon, 24 Nov 2014 14:04:16 +0100 Subject: [PATCH 1/2] Escape backslashes in .properties examples of setting internal-proxies In a properties file, a backslash is used as an escape character for the line terminator sequence to allow values to be split across multiple lines. When a backslash is used elsewhere they're stripped out of the property's value. This commit updates .properties-based examples for configuring server.tomcat.internal-proxies to escape the backslahes so that they are retained in the property's value at runtime. See gh-1989 --- .../main/asciidoc/appendix-application-properties.adoc | 8 ++++---- spring-boot-docs/src/main/asciidoc/howto.adoc | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc index cd3b8a1ede1..f313da95add 100644 --- a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc +++ b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc @@ -70,10 +70,10 @@ content into your application; rather pick only the properties that you need. server.ssl.trust-store-type= server.tomcat.access-log-pattern= # log pattern of the access log server.tomcat.access-log-enabled=false # is access logging enabled - server.tomcat.internal-proxies=10\.\d{1,3}\.\d{1,3}\.\d{1,3}|\ - 192\.168\.\d{1,3}\.\d{1,3}|\ - 169\.254\.\d{1,3}\.\d{1,3}|\ - 127\.\d{1,3}\.\d{1,3}\.\d{1,3} # regular expression matching trusted IP addresses + server.tomcat.internal-proxies=10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|\\ + 192\\.168\\.\\d{1,3}\\.\\d{1,3}|\\ + 169\\.254\\.\\d{1,3}\\.\\d{1,3}|\\ + 127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3} # regular expression matching trusted IP addresses server.tomcat.protocol-header=x-forwarded-proto # front end proxy forward header server.tomcat.port-header= # front end proxy port header server.tomcat.remote-ip-header=x-forwarded-for diff --git a/spring-boot-docs/src/main/asciidoc/howto.adoc b/spring-boot-docs/src/main/asciidoc/howto.adoc index 895b4a5475b..9f6f2edc225 100644 --- a/spring-boot-docs/src/main/asciidoc/howto.adoc +++ b/spring-boot-docs/src/main/asciidoc/howto.adoc @@ -493,7 +493,7 @@ to `application.properties`, e.g. [indent=0] ---- - server.tomcat.internal_proxies=192\.168\.\d{1,3}\.\d{1,3} + server.tomcat.internal_proxies=192\\.168\\.\\d{1,3}\\.\\d{1,3} ---- Alternatively, you can take complete control of the configuration of the `RemoteIpValve` From 2b4eee5e53db96bd8d2a9cb787d178e84703b6b3 Mon Sep 17 00:00:00 2001 From: Andy Wilkinson Date: Tue, 25 Nov 2014 13:48:23 +0000 Subject: [PATCH 2/2] Add a note explaining that double backslashes are unnecessary in YAML Closes gh-1989 --- spring-boot-docs/src/main/asciidoc/howto.adoc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/spring-boot-docs/src/main/asciidoc/howto.adoc b/spring-boot-docs/src/main/asciidoc/howto.adoc index 9f6f2edc225..9f45fb972ef 100644 --- a/spring-boot-docs/src/main/asciidoc/howto.adoc +++ b/spring-boot-docs/src/main/asciidoc/howto.adoc @@ -496,6 +496,10 @@ to `application.properties`, e.g. server.tomcat.internal_proxies=192\\.168\\.\\d{1,3}\\.\\d{1,3} ---- +NOTE: The double backslashes are only required when you're using a properties file for +configuration. If you are using YAML, single backslashes are sufficient and a value +that's equivalent to the one shown above would be `192\.168\.\d{1,3}\.\d{1,3}`. + Alternatively, you can take complete control of the configuration of the `RemoteIpValve` by configuring and adding it in a `TomcatEmbeddedServletContainerFactory` bean.