From e078161e2f26463ca5aba4ba495a72057e29ec05 Mon Sep 17 00:00:00 2001
From: Jon Chambers <jon@signal.org>
Date: Mon, 30 Oct 2023 17:02:53 -0400
Subject: [PATCH] Consistently use `HttpHeaders.X_FORWARDED_FOR`

---
 .../websocket/WebSocketResourceProvider.java           |  3 ++-
 .../websocket/WebSocketResourceProviderFactory.java    |  3 ++-
 .../websocket/WebSocketResourceProviderTest.java       | 10 +++++-----
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/websocket-resources/src/main/java/org/whispersystems/websocket/WebSocketResourceProvider.java b/websocket-resources/src/main/java/org/whispersystems/websocket/WebSocketResourceProvider.java
index 31faeaefe..738541b52 100644
--- a/websocket-resources/src/main/java/org/whispersystems/websocket/WebSocketResourceProvider.java
+++ b/websocket-resources/src/main/java/org/whispersystems/websocket/WebSocketResourceProvider.java
@@ -5,6 +5,7 @@
 package org.whispersystems.websocket;
 
 import com.google.common.annotations.VisibleForTesting;
+import com.google.common.net.HttpHeaders;
 import com.google.protobuf.UninitializedMessageException;
 import org.eclipse.jetty.websocket.api.MessageTooLargeException;
 import org.eclipse.jetty.websocket.api.RemoteEndpoint;
@@ -201,7 +202,7 @@ public class WebSocketResourceProvider<T extends Principal> implements WebSocket
 
   @VisibleForTesting
   static boolean shouldIncludeRequestMessageHeader(final String header) {
-    return !"X-Forwarded-For".equalsIgnoreCase(header.trim());
+    return !HttpHeaders.X_FORWARDED_FOR.equalsIgnoreCase(header.trim());
   }
 
   private void handleResponse(WebSocketResponseMessage responseMessage) {
diff --git a/websocket-resources/src/main/java/org/whispersystems/websocket/WebSocketResourceProviderFactory.java b/websocket-resources/src/main/java/org/whispersystems/websocket/WebSocketResourceProviderFactory.java
index e9b6e88a4..4cc2a2256 100644
--- a/websocket-resources/src/main/java/org/whispersystems/websocket/WebSocketResourceProviderFactory.java
+++ b/websocket-resources/src/main/java/org/whispersystems/websocket/WebSocketResourceProviderFactory.java
@@ -6,6 +6,7 @@ package org.whispersystems.websocket;
 
 import static java.util.Optional.ofNullable;
 
+import com.google.common.net.HttpHeaders;
 import io.dropwizard.jersey.jackson.JacksonMessageBodyProvider;
 import java.io.IOException;
 import java.security.Principal;
@@ -90,7 +91,7 @@ public class WebSocketResourceProviderFactory<T extends Principal> extends WebSo
   }
 
   private String getRemoteAddress(ServletUpgradeRequest request) {
-    String forwardedFor = request.getHeader("X-Forwarded-For");
+    String forwardedFor = request.getHeader(HttpHeaders.X_FORWARDED_FOR);
 
     if (forwardedFor == null || forwardedFor.isBlank()) {
       return request.getRemoteAddress();
diff --git a/websocket-resources/src/test/java/org/whispersystems/websocket/WebSocketResourceProviderTest.java b/websocket-resources/src/test/java/org/whispersystems/websocket/WebSocketResourceProviderTest.java
index 80557ae17..5bfcfe0bc 100644
--- a/websocket-resources/src/test/java/org/whispersystems/websocket/WebSocketResourceProviderTest.java
+++ b/websocket-resources/src/test/java/org/whispersystems/websocket/WebSocketResourceProviderTest.java
@@ -653,13 +653,13 @@ class WebSocketResourceProviderTest {
     assertThat(WebSocketResourceProvider.shouldIncludeUpgradeRequestHeader("Connection")).isFalse();
     assertThat(WebSocketResourceProvider.shouldIncludeUpgradeRequestHeader("Sec-WebSocket-Key")).isFalse();
     assertThat(WebSocketResourceProvider.shouldIncludeUpgradeRequestHeader(HttpHeaders.USER_AGENT)).isTrue();
-    assertThat(WebSocketResourceProvider.shouldIncludeUpgradeRequestHeader("X-Forwarded-For")).isTrue();
+    assertThat(WebSocketResourceProvider.shouldIncludeUpgradeRequestHeader(HttpHeaders.X_FORWARDED_FOR)).isTrue();
     assertThat(WebSocketResourceProvider.shouldIncludeUpgradeRequestHeader("X-Signal-Receive-Stories")).isTrue();
   }
 
   @Test
   void testShouldIncludeRequestMessageHeader() {
-    assertThat(WebSocketResourceProvider.shouldIncludeRequestMessageHeader("X-Forwarded-For")).isFalse();
+    assertThat(WebSocketResourceProvider.shouldIncludeRequestMessageHeader(HttpHeaders.X_FORWARDED_FOR)).isFalse();
     assertThat(WebSocketResourceProvider.shouldIncludeRequestMessageHeader(HttpHeaders.USER_AGENT)).isTrue();
     assertThat(WebSocketResourceProvider.shouldIncludeRequestMessageHeader("X-Signal-Receive-Stories")).isTrue();
   }
@@ -673,16 +673,16 @@ class WebSocketResourceProviderTest {
         "Sec-WebSocket-Key", List.of("dGhlIHNhbXBsZSBub25jZQ=="),
         "Sec-WebSocket-Protocol", List.of("chat, superchat"),
         "Sec-WebSocket-Version", List.of("13"),
-        "X-Forwarded-For", List.of("127.0.0.1"),
+        HttpHeaders.X_FORWARDED_FOR, List.of("127.0.0.1"),
         HttpHeaders.USER_AGENT, List.of("Upgrade request user agent"));
 
     final Map<String, String> requestMessageHeaders = Map.of(
-        "X-Forwarded-For", "192.168.0.1",
+        HttpHeaders.X_FORWARDED_FOR, "192.168.0.1",
         HttpHeaders.USER_AGENT, "Request message user agent");
 
     final Map<String, List<String>> expectedHeaders = Map.of(
         "Host", List.of("server.example.com"),
-        "X-Forwarded-For", List.of("127.0.0.1"),
+        HttpHeaders.X_FORWARDED_FOR, List.of("127.0.0.1"),
         HttpHeaders.USER_AGENT, List.of("Request message user agent"));
 
     assertThat(WebSocketResourceProvider.getCombinedHeaders(upgradeRequestHeaders, requestMessageHeaders)).isEqualTo(