Giter VIP home page Giter VIP logo

Comments (4)

spencergibb avatar spencergibb commented on May 30, 2024

Disable the cookie manager of the httpclient

I think this is the only option.

from spring-cloud-gateway.

florentm35 avatar florentm35 commented on May 30, 2024

Yes it's our method for the moment, but the code are really ugly :

/** GatewayServerMvcAutoConfiguration.gatewayClientHttpRequestFactory */
    @Bean
    public ClientHttpRequestFactory gatewayClientHttpRequestFactory(GatewayMvcProperties gatewayMvcProperties,
                                                                    SslBundles sslBundles) {
        GatewayMvcProperties.HttpClient properties = gatewayMvcProperties.getHttpClient();

        SslBundle sslBundle = null;
        if (org.springframework.util.StringUtils.hasText(properties.getSslBundle())) {
            sslBundle = sslBundles.getBundle(properties.getSslBundle());
        }
        ClientHttpRequestFactorySettings settings = new ClientHttpRequestFactorySettings(properties.getConnectTimeout(),
                properties.getReadTimeout(), sslBundle);

        ClientHttpRequestFactory chrf;
        if (properties.getType() == GatewayMvcProperties.HttpClientType.JDK) {
            // TODO: customize restricted headers
            String restrictedHeaders = System.getProperty("jdk.httpclient.allowRestrictedHeaders");
            if (!org.springframework.util.StringUtils.hasText(restrictedHeaders)) {
                System.setProperty("jdk.httpclient.allowRestrictedHeaders", "host");
            }
            else if (org.springframework.util.StringUtils.hasText(restrictedHeaders) && !restrictedHeaders.contains("host")) {
                System.setProperty("jdk.httpclient.allowRestrictedHeaders", restrictedHeaders + ",host");
            }

            chrf = ClientHttpRequestFactories.get(JdkClientHttpRequestFactory.class, settings);
        } else {
            chrf = ClientHttpRequestFactories.get(settings);
        }

        log.error("chrf : {}", chrf);
        if (chrf instanceof HttpComponentsClientHttpRequestFactory hcchrf) {
            log.error("hcchrf.getHttpClient() : {}", hcchrf.getHttpClient());
        } else if (chrf instanceof JdkClientHttpRequestFactory jchrf) {
            try {
                Field field = jchrf.getClass().getDeclaredField("httpClient");
                field.setAccessible(true);
                Object httpClient = field.get(jchrf);
                log.error("jchrf.getHttpClient() : {}", httpClient);
            } catch (Exception e) {
                log.error("", e);
            }
        }

       if (chrf instanceof HttpComponentsClientHttpRequestFactory hcchrf) {
            hcchrf.setHttpClient(createHttpClient(settings.readTimeout(), settings.sslBundle()));
        }

        return chrf;
    }

    private static HttpClient createHttpClient(Duration readTimeout, SslBundle sslBundle) {
        PoolingHttpClientConnectionManagerBuilder connectionManagerBuilder = PoolingHttpClientConnectionManagerBuilder
                .create();
        if (readTimeout != null) {
            SocketConfig socketConfig = SocketConfig.custom()
                    .setSoTimeout((int) readTimeout.toMillis(), TimeUnit.MILLISECONDS)
                    .build();
            connectionManagerBuilder.setDefaultSocketConfig(socketConfig);
        }
        if (sslBundle != null) {
            SslOptions options = sslBundle.getOptions();
            SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslBundle.createSslContext(),
                    options.getEnabledProtocols(), options.getCiphers(), new DefaultHostnameVerifier());
            connectionManagerBuilder.setSSLSocketFactory(socketFactory);
        }
        PoolingHttpClientConnectionManager connectionManager = connectionManagerBuilder.useSystemProperties()
                .build();
       // We disabled the cookie management here
        return HttpClientBuilder.create().useSystemProperties().disableCookieManagement().setConnectionManager(connectionManager).build();
    }

from spring-cloud-gateway.

spencergibb avatar spencergibb commented on May 30, 2024

#3305 will simplify that.

from spring-cloud-gateway.

florentm35 avatar florentm35 commented on May 30, 2024

It's seen more for spring cloud gateway mvc to disable it by default, not the user

from spring-cloud-gateway.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.