我的环境是k8s,在ingress里增加参数use-forwarded-headers: "true"

我的网关就出现错误

2024-06-27 12:40:53,736 [reactor-http-epoll-2] ERROR c.g.c.i.g.h.GatewayExceptionHandler 53 - [网关异常处理]请求路径:/auth/login,异常信息:
        java.lang.IllegalArgumentException: Actual request port must not be undefined
        at org.springframework.util.Assert.isTrue(Assert.java:122)
        Suppressed: The stacktrace has been enhanced by Reactor, refer to additional information below:
Error has been observed at the following site(s):
        *__checkpoint ⇢ HTTP POST "/auth/login" [ExceptionHandlingWebHandler]
Original Stack Trace:
                at org.springframework.util.Assert.isTrue(Assert.java:122)
                at org.springframework.web.cors.reactive.CorsUtils.isSameOrigin(CorsUtils.java:83)
                at org.springframework.web.cors.reactive.CorsUtils.isCorsRequest(CorsUtils.java:44)
                at cn.gov.caac.issp.gateway.filter.GlobalCorsFilter.filter(GlobalCorsFilter.java:39)
                at org.springframework.web.server.handler.DefaultWebFilterChain.invokeFilter(DefaultWebFilterChain.java:114)
                at org.springframework.web.server.handler.DefaultWebFilterChain.lambda$filter$0(DefaultWebFilterChain.java:108)
                at reactor.core.publisher.MonoDefer.subscribe(MonoDefer.java:44)
                at reactor.core.publisher.Mono.subscribe(Mono.java:4444)
                at reactor.core.publisher.MonoIgnoreThen$ThenIgnoreMain.subscribeNext(MonoIgnoreThen.java:263)
                at reactor.core.publisher.MonoIgnoreThen.subscribe(MonoIgnoreThen.java:51)
                at reactor.core.publisher.InternalMonoOperator.subscribe(InternalMonoOperator.java:64)
                at reactor.core.publisher.MonoDeferContextual.subscribe(MonoDeferContextual.java:55)
                at reactor.netty.http.server.HttpServer$HttpServerHandle.onStateChange(HttpServer.java:1006)
                at reactor.netty.ReactorNetty$CompositeConnectionObserver.onStateChange(ReactorNetty.java:710)
                at reactor.netty.transport.ServerTransport$ChildObserver.onStateChange(ServerTransport.java:477)
                at reactor.netty.http.server.HttpServerOperations.onInboundNext(HttpServerOperations.java:593)
                at reactor.netty.channel.ChannelOperationsHandler.channelRead(ChannelOperationsHandler.java:113)
                at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
                at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
                at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
                at reactor.netty.http.server.HttpTrafficHandler.channelRead(HttpTrafficHandler.java:223)
                at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:442)
                at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
                at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
                at io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelRead(CombinedChannelDuplexHandler.java:436)
                at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:346)
                at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:333)
                at io.netty.handler.codec.ByteToMes

如果在ingress里去掉参数use-forwarded-headers: "true"就正常,这个参数是获取用户的真实ip地址的

没遇到过这种问题,看这句话的意思是 “实际请求端口不得未定义”。

我在官方的Issues里面看到了这个,好像情况跟你一样,你可以看看:

感谢,但是这个问题是在我自建环境出现的,但是我上到生产环境就没有,应该是需要在nginx里做一下限制,我测试后在这里同步一下

1 Like