OF-650: Added support for XFF headers to http-bind; also added i18n keys for admin page

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@13553 b35dd754-fafc-0310-a699-88a17e54d16e

src/i18n/openfire_i18n_cs_CZ.properties

@@ -2116,6 +2116,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 # Profile Settings
 

src/i18n/openfire_i18n_de.properties

@@ -2036,6 +2036,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 # Profile Settings
 

src/i18n/openfire_i18n_en.properties

@@ -502,8 +502,10 @@
 ##	    Added key: 'client.connections.settings.ping.disable'
 ##	    Added key: 'setup.ldap.server.alias_enclose_dns'
 ##	    Added key: 'setup.ldap.server.alias_enclose_dns_help'
-
-
+##
+## 3.8.2
+##      Added keys: 'httpbind.settings.cors.*'
+##      Added keys: 'httpbind.settings.xff.*'
 
 # Openfire
 
@@ -2837,7 +2839,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
-
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 # Profile Settings
 
 profile-settings.title=Profile Settings

src/i18n/openfire_i18n_es.properties

@@ -2114,6 +2114,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 # Profile Settings
 

src/i18n/openfire_i18n_fr.properties

@@ -1710,6 +1710,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 
 # Ports section/page

src/i18n/openfire_i18n_ja_JP.properties

@@ -29,160 +29,8 @@
 ## In property strings that are parameterized, single quotes can be used to
 ## quote the "{" (curly brace) if necessary. A real single quote is represented by ''.
 ##
-## REVISION HISTORY (by Openfire version):
-##
-## 3.1.0
-##      Added section: 'server.db_stats.*'
-##      Added key: 'group.summary.search'
-##      Updated key: 'group.summary.no_groups'
-##      Added key: 'setup.sidebar.profile'
-##      Added key: 'user.read_only'
-##      Updated key: 'user.properties.info'
-##      Added key: 'session.details.priority'
-##      Added section: 'setup.ldap.*'
-##      Added section: 'setup.profile.*'
-##      Added key: 'muc.service-name'
-##      Updated section: 'group.edit.*'
-##      Updated key: 'group.create.form' (note, old translations left in place and need updates)
-##      Deleted keys from: 'group.create.*'
-##      Added key: 'setup.admin.settings.ldap.info'
-##      Added key: 'setup.admin.settings.add.administrator'
-##      Added key: 'setup.admin.settings.administrator'
-##      Added key: 'setup.admin.settings.remove'
-##      Added key: 'plugin.available.no.plugin'
-##      Updated key: 'plugin.available.list'
-##      Added key: 'plugin.enterprise.download.error'
-##      Added key: 'plugin.enterprise.dont.show'
-##      Added key: 'plugin.enterprise.installing'
-##      Added key: 'plugin.enterprise.installed'
-##
-## 3.1.1
-##      Added key: 'global.second'
-##      Added key: 'global.minute'
-##      Added key: 'global.less-minute'
-##      Added key: 'global.hour'
-##      Added key: 'global.hours'
-##      Added key: 'global.day'
-##      Added key: 'global.days'
-##      Added key: 'global.test'
-##      Added key: 'global.click_test'
-##      Added key: 'user.summary.last-logout'
-##      Added key: 'setup.admin.settings.test.title-desc'
-##      Added key: 'setup.admin.settings.test.status-success'
-##      Added key: 'setup.admin.settings.test.status-success.detail'
-##      Added key: 'setup.admin.settings.test.status-error'
-##      Added key: 'setup.admin.settings.test.error-user'
-##      Added key: 'setup.admin.settings.test.error-password'
-##      Added key: 'setup.admin.settings.username-error'
-##      Added key: 'setup.ldap.user.vcard.personal'
-##      Added key: 'setup.ldap.user.vcard.test.description'
-##      Added key: 'setup.ldap.user.vcard.test.random'
-##      Added key: 'setup.ldap.user.test.users-not-found'
-##      Added key: 'setup.ldap.test.error-loading-sample'
-##      Added key: 'setup.ldap.test.internal-server-error'
-##      Added key: 'setup.ldap.group.test.description'
-##      Added key: 'setup.ldap.group.test.label-description'
-##      Added key: 'setup.ldap.group.test.label-members'
-##      Added key: 'setup.ldap.group.test.group-not-found'
-##      Added key: 'group.read_only'
-##      Added key: 'sidebar.profile-settings'
-##      Added key: 'sidebar.profile-settings.descr'
-##      Added section: 'profile-settings.*'
-##
-## 3.2.0
-##      Added key: 'sidebar.ssl-certificates'
-##      Added key: 'sidebar.ssl-certificates.descr'
-##      Added key: 'global.save'
-##      Added section: 'ssl.certificates.*'
-##      Added section: 'ssl.signing-request.*'
-##      Added section: 'server-restart.*'
-##      Added section: 'ports.*'
-##      Removed key: 'ssl.certificates.uninstalled'
-##      Removed key: 'ssl.certificates.error_certificate'
-##      Removed key: 'ssl.certificates.certificate'
-##      Removed key: 'ssl.certificates.publickey'
-##      Removed key: 'ssl.certificates.publickey.title'
-##      Removed key: 'ssl.certificates.publickey.label'
-##      Removed key: 'ssl.certificates.uninstall'
-##      Removed key: 'ssl.certificates.click_uninstall'
-##      Removed key: 'ssl.certificates.confirm_uninstall'
-##      Removed key: 'ssl.certificates.key'
-##      Removed key: 'ssl.certificates.install_certificate'
-##      Removed key: 'ssl.certificates.install_certificate_info'
-##      Removed key: 'ssl.certificates.enter_alias'
-##      Removed key: 'ssl.certificates.enter_certificate'
-##      Removed key: 'ssl.certificates.type'
-##      Removed key: 'ssl.certificates.server'
-##      Removed key: 'ssl.certificates.client'
-##      Removed key: 'ssl.certificates.a_certificate'
-##      Removed key: 'ssl.certificates.add_certificate'
-##      Removed key: 'ssl.certificates.info'
-##      Removed key: 'ssl.certificates.alias'
-##      Removed key: 'ssl.certificates.expiration'
-##      Removed key: 'ssl.certificates.self-signed'
-##      Removed key: 'ssl.certificates.error'
-##      Removed key: 'ssl.certificates.error_messenge'
-##      Removed key: 'ssl.certificates.no_installed'
-##      Removed key: 'ssl.certificates.error_installing'
-##      Removed key: 'ssl.certificates.error_reported'
-##      Removed key: 'ssl.certificates.paste_certificate'
-##      Added key: 'sidebar.http-bind'
-##      Added key: 'sidebar.http-bind.descr'
-##      Added key: 'httpbind.settings.enabled.legend'
-##      Added key: 'httpbind.settings.title'
-##      Added key: 'httpbind.settings.info'
-##      Added key: 'httpbind.settings.label_disable'
-##      Added key: 'httpbind.settings.label_disable_info'
-##      Added key: 'httpbind.settings.label_enable'
-##      Added key: 'httpbind.settings.label_enable_info'
-##      Added key: 'httpbind.settings.vanilla_port'
-##      Added key: 'httpbind.settings.label_seperate'
-##      Added key: 'httpbind.settings.label_seperate_info'
-##      Added key: 'httpbind.settings.label_same'
-##      Added key: 'httpbind.settings.label_same_info'
-##      Added key: 'httpbind.settings.secure_port'
-##      Added key: 'httpbind.settings.error.general'
-##      Added key: 'httpbind.settings.error.port'
-##      Added key: 'setup.finished.wait'
-##      Added section 'mediaproxy.*'
-##      Added section 'stun.*'
-##
-## 3.2.1
-##      Added key: 'index.certificate-warning'
-##      Added section 'ssl.import.certificate.*'
-##
-## 3.3.0
-##      Added key: 'sidebar.sidebar-media-services'
-##      Added key: 'sidebar.media-proxy'
-##      Added key: 'sidebar.media-proxy.descr'
-##      Added key: 'sidebar.stun'
-##      Added key: 'sidebar.stun.descr'
-##      Removed key: 'stun.settings.comment'
-##      Removed key: 'stun.settings.change'
-##      Removed key: 'stun.external.add'
-##      Removed key: 'stun.external.delete'
-##      Removed key: 'httpbind.settings.enabled.legend'
-##      Removed key: 'startup.name'
-##      Updated key: 'startup.starting'
-##      Updated key: 'audit.policy.title_info'
-##      Updated key: 'index.home'
-##      Updated key: 'index.update.info'
-##      Updated key: 'setup.env.check.error_info'
-##      Updated key: 'setup.completed.run_info2'
-##      Updated key: 'setup.datasource.standard.info3'
-##      Updated key: 'setup.profile.description'
-##      Updated key: 'setup.profile.default_description'
-##      Updated key: 'setup.ldap.server.admindn_help'
-##      Updated key: 'setup.ldap.user.description'
-##      Updated key: 'setup.ldap.group.description'
-##      Updated key: 'ssl.certificates.signing-pending.info'
-##      Updated key: 'system.cache.info'
-##      Updated key: 'manage-updates.info'
-##      Updated key: 'manage-updates.label_enable_info'
-##      Updated key: 'plugin.available.outdated'
-##      Updated key: 'plugin.available.outdated.update'
-##      Updated key: 'httpbind.settings.info'
-##      Updated key: 'profile-settings.info'
+## For a full changelog, refer to the English bundle, openfire_i18n_en.properties.
+
 
 # Openfire
 
@@ -2283,6 +2131,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 # Profile Settings
 

src/i18n/openfire_i18n_nl.properties

@@ -2037,6 +2037,21 @@ httpbind.settings.crossdomain.info.general=Openfire genereert een crossdomain.xm
 httpbind.settings.crossdomain.info.override=Dit standaard gedrag kan worden vervangen door middel van een (handmatig) bestand.\
     Als zo'n bestand toegankelijk wordt gemaakt op {0}, dan zal dit bestand, in plaats van het gegenereerde bestand, gebruikt worden.
 httpbind.settings.crossdomain.info.policy=Dit is de crossdomain.xml policy, zoals die op dit moment van kracht is:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 # Profile Settings
 

src/i18n/openfire_i18n_pl_PL.properties

@@ -2017,6 +2017,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 
 # Profile Settings

src/i18n/openfire_i18n_pt_BR.properties

@@ -2117,6 +2117,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 # Profile Settings
 

src/i18n/openfire_i18n_zh_CN.properties

@@ -1908,6 +1908,21 @@ httpbind.settings.crossdomain.info.general=By default, Openfire will generate a
 httpbind.settings.crossdomain.info.override=This default behavior can be overridden with a custom file. If such \
     a file is made accessible at {0}, its content will be used, instead of the generated content.
 httpbind.settings.crossdomain.info.policy=This is current crossdomain.xml policy, as it is presented to your users:
+httpbind.settings.cors.group=Provides support for CORS (Cross-Origin Resource Sharing)
+httpbind.settings.cors.label_enable=Enabled
+httpbind.settings.cors.label_enable_info=Activate CORS support for cross domain scripting
+httpbind.settings.cors.domain_list=Enter domain list below separated by commas or * to allow any:
+httpbind.settings.cors.label_disable=Disabled
+httpbind.settings.cors.label_disable_info=Disable CORS support
+httpbind.settings.xff.group=Provides support for XFF (X-Forwarded-For) headers
+httpbind.settings.xff.label_enable=Enabled
+httpbind.settings.xff.label_enable_info=Activate XFF support for proxied HTTP requests
+httpbind.settings.xff.forwarded_for=HTTP header for originating client IP address (X-Forwarded-For):
+httpbind.settings.xff.forwarded_server=HTTP header for proxied Server name (X-Forwarded-Server):
+httpbind.settings.xff.forwarded_host=HTTP header for proxied Host (X-Forwarded-Host):
+httpbind.settings.xff.host_name=Host name to be returned for all proxied responses:
+httpbind.settings.xff.label_disable=Disabled
+httpbind.settings.xff.label_disable_info=Disable XFF support
 
 # Profile Settings
 

src/java/org/jivesoftware/openfire/http/HttpBindManager.java

@@ -28,6 +28,7 @@ import java.util.List;
 import java.util.Map;
 
 import org.eclipse.jetty.http.ssl.SslContextFactory;
+import org.eclipse.jetty.server.AbstractConnector;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.Server;
@@ -73,6 +74,16 @@ public final class HttpBindManager {
 
     public static final int HTTP_BIND_THREADS_DEFAULT = 254;
     
+	private static final String HTTP_BIND_FORWARDED = "httpbind.forwarded.enabled";
+    
+	private static final String HTTP_BIND_FORWARDED_FOR = "httpbind.forwarded.for.header";
+    
+	private static final String HTTP_BIND_FORWARDED_SERVER = "httpbind.forwarded.server.header";
+    
+	private static final String HTTP_BIND_FORWARDED_HOST = "httpbind.forwarded.host.header";
+	
+	private static final String HTTP_BIND_FORWARDED_HOST_NAME = "httpbind.forwarded.host.name";
+    
     // http binding CORS default properties
     
     public static final String HTTP_BIND_CORS_ENABLED = "httpbind.CORS.enabled";
@@ -88,7 +99,7 @@ public final class HttpBindManager {
     public static final String HTTP_BIND_CORS_ALLOW_HEADERS_DEFAULT = "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control";
     
     public static final String HTTP_BIND_CORS_MAX_AGE_DEFAULT = "86400";
-    
+
     public static Map<String, Boolean> HTTP_BIND_ALLOWED_ORIGINS = new HashMap<String, Boolean>();
 
     private static HttpBindManager instance = new HttpBindManager();
@@ -174,6 +185,7 @@ public final class HttpBindManager {
             // Listen on a specific network interface if it has been set.
             connector.setHost(getBindInterface());
             connector.setPort(port);
+            configureProxiedConnector(connector);
             httpConnector = connector;
         }
     }
@@ -211,7 +223,7 @@ public final class HttpBindManager {
                 final SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory);
                 sslConnector.setHost(getBindInterface());
                 sslConnector.setPort(securePort);
-                
+                configureProxiedConnector(sslConnector);
                 httpsConnector = sslConnector;
             }
         }
@@ -219,6 +231,34 @@ public final class HttpBindManager {
             Log.error("Error creating SSL connector for Http bind", e);
         }
     }
+    
+    private void configureProxiedConnector(AbstractConnector connector) {
+        // Check to see if we are deployed behind a proxy
+        // Refer to http://docs.codehaus.org/display/JETTY/Configuring+Connectors
+        if (isXFFEnabled()) {
+        	connector.setForwarded(true);
+        	// default: "X-Forwarded-For"
+        	String forwardedForHeader = getXFFHeader();
+        	if (forwardedForHeader != null) {
+        		connector.setForwardedForHeader(forwardedForHeader);
+        	}
+        	// default: "X-Forwarded-Server"
+        	String forwardedServerHeader = getXFFServerHeader();
+        	if (forwardedServerHeader != null) {
+        		connector.setForwardedServerHeader(forwardedServerHeader);
+        	}
+        	// default: "X-Forwarded-Host"
+        	String forwardedHostHeader = getXFFHostHeader();
+        	if (forwardedHostHeader != null) {
+        		connector.setForwardedHostHeader(forwardedHostHeader);
+        	}
+        	// default: none
+        	String hostName = getXFFHostName();
+        	if (hostName != null) {
+        		connector.setHostHeader(hostName);
+        	}
+        }
+   }
 
     private String getBindInterface() {
         String interfaceName = JiveGlobals.getXMLProperty("network.interface");
@@ -323,6 +363,62 @@ public final class HttpBindManager {
     
     // http binding CORS support end
 
+    public boolean isXFFEnabled() {
+        return JiveGlobals.getBooleanProperty(HTTP_BIND_FORWARDED, false);
+    }
+    
+    public void setXFFEnabled(boolean enabled) {
+        JiveGlobals.setProperty(HTTP_BIND_FORWARDED, String.valueOf(enabled));
+    }
+    
+    public String getXFFHeader() {
+        return JiveGlobals.getProperty(HTTP_BIND_FORWARDED_FOR);
+    }
+    
+    public void setXFFHeader(String header) {
+    	if (header == null || header.trim().length() == 0) {
+    		JiveGlobals.deleteProperty(HTTP_BIND_FORWARDED_FOR);
+    	} else {
+    		JiveGlobals.setProperty(HTTP_BIND_FORWARDED_FOR, header);
+    	}
+    }
+    
+    public String getXFFServerHeader() {
+        return JiveGlobals.getProperty(HTTP_BIND_FORWARDED_SERVER);
+    }
+    
+    public void setXFFServerHeader(String header) {
+    	if (header == null || header.trim().length() == 0) {
+    		JiveGlobals.deleteProperty(HTTP_BIND_FORWARDED_SERVER);
+    	} else {
+    		JiveGlobals.setProperty(HTTP_BIND_FORWARDED_SERVER, header);
+    	}
+    }
+    
+    public String getXFFHostHeader() {
+        return JiveGlobals.getProperty(HTTP_BIND_FORWARDED_HOST);
+    }
+    
+    public void setXFFHostHeader(String header) {
+    	if (header == null || header.trim().length() == 0) {
+    		JiveGlobals.deleteProperty(HTTP_BIND_FORWARDED_HOST);
+    	} else {
+    		JiveGlobals.setProperty(HTTP_BIND_FORWARDED_HOST, header);
+    	}
+    }
+    
+    public String getXFFHostName() {
+        return JiveGlobals.getProperty(HTTP_BIND_FORWARDED_HOST_NAME);
+    }
+    
+    public void setXFFHostName(String name) {
+    	if (name == null || name.trim().length() == 0) {
+    		JiveGlobals.deleteProperty(HTTP_BIND_FORWARDED_HOST_NAME);
+    	} else {
+    		JiveGlobals.setProperty(HTTP_BIND_FORWARDED_HOST_NAME, name);
+    	}
+    }
+    
     public void setHttpBindEnabled(boolean isEnabled) {
         JiveGlobals.setProperty(HTTP_BIND_ENABLED, String.valueOf(isEnabled));
     }
@@ -591,7 +687,7 @@ public final class HttpBindManager {
             }
             else if (property.equalsIgnoreCase(HTTP_BIND_SECURE_PORT)) {
                 setSecureHttpBindPort(HTTP_BIND_SECURE_PORT_DEFAULT);
-            }
+            }        
         }
 
         public void xmlPropertySet(String property, Map<String, Object> params) {

src/web/http-bind.jsp

@@ -38,7 +38,10 @@
                 serverManager.isHttpBindEnabled());
         // CORS        
         boolean isCORSEnabled = ParamUtils.getBooleanParameter(request, "CORSEnabled",
-                serverManager.isCORSEnabled());        
+                serverManager.isCORSEnabled());
+        // XFF        
+        boolean isXFFEnabled = ParamUtils.getBooleanParameter(request, "XFFEnabled",
+                serverManager.isXFFEnabled());
         if (isEnabled) {
             int requestedPort = ParamUtils.getIntParameter(request, "port",
                     serverManager.getHttpBindUnsecurePort());
@@ -51,6 +54,16 @@
                 // CORS
                 serverManager.setCORSEnabled(isCORSEnabled);
                 serverManager.setCORSAllowOrigin(CORSDomains);
+                // XFF
+                serverManager.setXFFEnabled(isXFFEnabled);
+                String param = ParamUtils.getParameter(request, "XFFHeader");
+                serverManager.setXFFHeader(param);
+                param = ParamUtils.getParameter(request, "XFFServerHeader");
+                serverManager.setXFFServerHeader(param);
+                param = ParamUtils.getParameter(request, "XFFHostHeader");
+                serverManager.setXFFHostHeader(param);
+                param = ParamUtils.getParameter(request, "XFFHostName");
+                serverManager.setXFFHostName(param);
             }
             catch (Exception e) {
                 Log.error("An error has occured configuring the HTTP binding ports", e);
@@ -81,6 +94,12 @@
     boolean isScriptSyntaxEnabled = serverManager.isScriptSyntaxEnabled();
     // CORS
     boolean isCORSEnabled = serverManager.isCORSEnabled();
+    // XFF
+    boolean isXFFEnabled = serverManager.isXFFEnabled();
+    String xffHeader = serverManager.getXFFHeader();
+    String xffServerHeader = serverManager.getXFFServerHeader();
+    String xffHostHeader = serverManager.getXFFHostHeader();
+    String xffHostName = serverManager.getXFFHostName();
 %>
 
 <%@page import="org.jivesoftware.openfire.http.FlashCrossDomainServlet"%><html>
@@ -98,7 +117,13 @@
             $("rb04").disabled = !enabled;
             $("rb05").disabled = !enabled;
             $("rb06").disabled = !enabled;
+            $("rb07").disabled = !enabled;
+            $("rb08").disabled = !enabled;
             $("CORSDomains").disabled = !enabled;
+            $("XFFHeader").disabled = !enabled;
+            $("XFFServerHeader").disabled = !enabled;
+            $("XFFHostHeader").disabled = !enabled;
+            $("XFFHostName").disabled = !enabled;
             $("crossdomain").disabled = !enabled;
         }
         window.onload = setTimeout("setEnabled()", 500);
@@ -213,7 +238,7 @@
     </div>
     
     <!-- CORS -->
-	<div class="jive-contentBoxHeader">Provides support for CORS (Cross-Origin Resource Sharing)</div>
+	<div class="jive-contentBoxHeader"><fmt:message key="httpbind.settings.cors.group"/></div>
     <div class="jive-contentbox">
     	<table cellpadding="3" cellspacing="0" border="0">
 		<tbody>
@@ -224,13 +249,13 @@
 				</td>
 				<td width="99%">
 					<label for="rb05">
-						<b>Enabled</b> - Activate CORS support for cross domain scripting
+						<b><fmt:message key="httpbind.settings.cors.label_enable"/></b> - <fmt:message key="httpbind.settings.cors.label_enable_info"/>
 					</label>
 					<table border="0">
 						<tr>
 							<td>
 								<label for="CORSDomains">
-									Enter domain list below separated by commas or * to allow any :
+									<fmt:message key="httpbind.settings.cors.domain_list"/>
 								</label>
 							</td>
 						</tr>
@@ -249,7 +274,7 @@
 				</td>
 				<td width="99%">
 					<label for="rb06">
-					<b>Disabled</b> - Disable CORS support
+					<b><fmt:message key="httpbind.settings.cors.label_disable"/></b> - <fmt:message key="httpbind.settings.cors.label_disable_info"/>
 					</label>
 				</td>
 			</tr>
@@ -258,6 +283,72 @@
     </div>
     <!-- CORS -->
     
+    <!-- XFF -->
+	<div class="jive-contentBoxHeader"><fmt:message key="httpbind.settings.xff.group"/></div>
+    <div class="jive-contentbox">
+    	<table cellpadding="3" cellspacing="0" border="0">
+		<tbody>
+			<tr valign="top">
+				<td width="1%" nowrap>
+					<input type="radio" name="XFFEnabled" value="true" id="rb07"
+					 <%= (isXFFEnabled ? "checked" : "") %>>
+				</td>
+				<td width="99%">
+					<label for="rb07">
+						<b><fmt:message key="httpbind.settings.xff.label_enable"/></b> - <fmt:message key="httpbind.settings.xff.label_enable_info"/>
+					</label>
+					<table border="0">
+						<tr>
+							<td>
+								<label for="XFFHeader"><fmt:message key="httpbind.settings.xff.forwarded_for"/></label>
+							</td>
+                            <td>
+                                <input id="XFFHeader" type="text" size="40" name="XFFHeader"  value="<%= xffHeader == null ? "" : xffHeader %>">
+                            </td>
+						</tr>
+						<tr>
+							<td>
+								<label for="XFFServerHeader"><fmt:message key="httpbind.settings.xff.forwarded_server"/></label>
+							</td>
+                            <td>
+                                <input id="XFFServerHeader" type="text" size="40" name="XFFServerHeader" value="<%= xffServerHeader == null ? "" : xffServerHeader %>">
+                            </td>
+						</tr>
+						<tr>
+							<td>
+								<label for="XFFHostHeader"><fmt:message key="httpbind.settings.xff.forwarded_host"/></label>
+							</td>
+                            <td>
+                                <input id="XFFHostHeader" type="text" size="40" name="XFFHostHeader" value="<%= xffHostHeader == null ? "" : xffHostHeader %>">
+                            </td>
+						</tr>
+						<tr>
+							<td>
+								<label for="XFFHostName"><fmt:message key="httpbind.settings.xff.host_name"/></label>
+							</td>
+                            <td>
+                                <input id="XFFHostName" type="text" size="40" name="XFFHostName" value="<%= xffHostName == null ? "" : xffHostName %>">
+                            </td>
+						</tr>
+                    </table>
+				</td>
+			</tr>
+            <tr valign="top">
+				<td width="1%" nowrap>
+					<input type="radio" name="XFFEnabled" value="false" id="rb08"
+					 <%= (!isXFFEnabled ? "checked" : "") %>>
+				</td>
+				<td width="99%">
+					<label for="rb08">
+					<b><fmt:message key="httpbind.settings.xff.label_disable"/></b> - <fmt:message key="httpbind.settings.xff.label_disable_info"/>
+					</label>
+				</td>
+			</tr>
+		</tbody>
+		</table>
+    </div>
+    <!-- XFF -->
+    
     <div class="jive-contentBoxHeader">Cross-domain policy</div>
     <div class="jive-contentbox">
     	<p><fmt:message key="httpbind.settings.crossdomain.info.general" /></p>