diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java index 4046766b0e0..08b86ee5859 100644 --- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java +++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java @@ -610,7 +610,8 @@ public class ServerProperties + "127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|" // 127/8 + "172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}|" // 172.16/12 + "172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}|" - + "172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}"; + + "172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}|" // + + "0:0:0:0:0:0:0:1|::1"; /** * Header that holds the incoming protocol, usually named "X-Forwarded-Proto". diff --git a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/ServerPropertiesTests.java b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/ServerPropertiesTests.java index 70d5667084a..aab6bd3cc0c 100644 --- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/ServerPropertiesTests.java +++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/ServerPropertiesTests.java @@ -579,7 +579,8 @@ public class ServerPropertiesTests { + "127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|" // 127/8 + "172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}|" // 172.16/12 + "172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}|" - + "172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}"; + + "172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}|" // + + "0:0:0:0:0:0:0:1|::1"; assertThat(remoteIpValve.getInternalProxies()).isEqualTo(expectedInternalProxies); } @@ -896,6 +897,12 @@ public class ServerPropertiesTests { .isEqualTo(new AccessLogValve().getRequestAttributesEnabled()); } + @Test + public void tomcatInternalProxiesMatchesDefault() { + assertThat(this.properties.getTomcat().getInternalProxies()) + .isEqualTo(new RemoteIpValve().getInternalProxies()); + } + @Test public void jettyMaxHttpPostSizeMatchesDefault() throws Exception { JettyEmbeddedServletContainerFactory jettyFactory = new JettyEmbeddedServletContainerFactory( diff --git a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc index 230ba73ce06..d72d535e3b4 100644 --- a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc +++ b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc @@ -212,7 +212,8 @@ content into your application; rather pick only the properties that you need. 127\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|\\ 172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}|\\ 172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}|\\ - 172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3} # regular expression matching trusted IP addresses. + 172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}|\\ + 0:0:0:0:0:0:0:1|::1 # Regular expression that matches proxies that are to be trusted. server.tomcat.max-connections=10000 # Maximum number of connections that the server will accept and process at any given time. server.tomcat.max-http-header-size=0 # Maximum size in bytes of the HTTP message header. server.tomcat.max-http-post-size=2097152 # Maximum size in bytes of the HTTP post content.