https://github.com/spring-projects/spring-security/issues/8140
https://github.com/spring-projects/spring-boot/issues/6140
@fmarot Thank you for the feedback.
This is due to Spring Security's PortResolverImpl which attempts to work around a well know IE bug. From the javadoc:
This class is capable of handling the IE bug which results in an incorrect URL being
presented in the header subsequent to a redirect to a different scheme and port where
the port is not a well-known number (ie 80 or 443). Handling involves detecting an
incorrect response from ServletRequest.getServerPort() for the scheme (eg
a HTTP request on 8443) and then determining the real server port (eg HTTP request is
really on 8080). The map of valid ports is obtained from the configured
PortMapper
If you want to use HTTP, the easiest solution is to select a port other than 8443 which is typically used for HTTPS and thus remapped to work around the IE bug.
https://github.com/spring-projects/spring-security/blob/4.1.0.RELEASE/web/src/main/java/org/springframework/security/web/PortResolverImpl.java
public int getServerPort(ServletRequest request) {
int serverPort = request.getServerPort();
Integer portLookup = null;
String scheme = request.getScheme().toLowerCase();
if ("http".equals(scheme)) {
portLookup = portMapper.lookupHttpPort(Integer.valueOf(serverPort));
}
else if ("https".equals(scheme)) {
portLookup = portMapper.lookupHttpsPort(Integer.valueOf(serverPort));
}
if (portLookup != null) {
// IE 6 bug
serverPort = portLookup.intValue();
}
return serverPort;
} public PortMapperImpl() {
this.httpsPortMappings = new HashMap<Integer, Integer>();
this.httpsPortMappings.put(Integer.valueOf(80), Integer.valueOf(443));
this.httpsPortMappings.put(Integer.valueOf(8080), Integer.valueOf(8443));
}解决办法就是自定义port-mapping,不要转换
<port-mappings>
<port-mapping http="8080" https="8080"/>
</port-mappings>
扫一扫
3965
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
