Carlos8510
diff --git a/‎common/socket/src/main/java/io/helidon/common/socket/PeerInfo.java‎
Lines changed: 1 addition & 1 deletion b/‎common/socket/src/main/java/io/helidon/common/socket/PeerInfo.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎http/http/src/main/java/io/helidon/http/RequestedUriDiscoveryContext.java‎
Lines changed: 53 additions & 19 deletions b/‎http/http/src/main/java/io/helidon/http/RequestedUriDiscoveryContext.java‎
Lines changed: 53 additions & 19 deletions
diff --git a/‎http/http/src/main/java/io/helidon/http/UriInfoCompatibilityHelper.java‎
Lines changed: 63 additions & 0 deletions b/‎http/http/src/main/java/io/helidon/http/UriInfoCompatibilityHelper.java‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎http/http/src/test/java/io/helidon/http/RequestedUriDiscoveryContextTest.java‎
Lines changed: 113 additions & 0 deletions b/‎http/http/src/test/java/io/helidon/http/RequestedUriDiscoveryContextTest.java‎
Lines changed: 113 additions & 0 deletions
diff --git a/‎webserver/http2/src/main/java/io/helidon/webserver/http2/Http2ServerRequest.java‎
Lines changed: 3 additions & 4 deletions b/‎webserver/http2/src/main/java/io/helidon/webserver/http2/Http2ServerRequest.java‎
Lines changed: 3 additions & 4 deletions
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Oracle and/or its affiliates.
+ * Copyright (c) 2022, 2025 Oracle and/or its affiliates.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
 
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023, 2024 Oracle and/or its affiliates.
+ * Copyright (c) 2023, 2025 Oracle and/or its affiliates.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,6 +15,8 @@
  */
 package io.helidon.http;
 
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
 import java.util.ArrayList;
 import java.util.List;
 
@@ -64,15 +66,40 @@ static RequestedUriDiscoveryContext create(Config config) {
      * {@link RequestedUriDiscoveryContext} and the specified request-related information.
      *
      * @param remoteAddress remote address from the request
-     * @param localAddress local address from the request
-     * @param requestPath path from the request
-     * @param headers request headers
-     * @param query query information from the request
-     * @param isSecure whether the request is secure
+     * @param localAddress  local address from the request
+     * @param requestPath   path from the request
+     * @param headers       request headers
+     * @param query         query information from the request
+     * @param isSecure      whether the request is secure
      * @return {@code UriInfo} which reconstructs, as well as possible, the requested URI from the originating client
+     * @deprecated Use
+     *         {@link RequestedUriDiscoveryContext#uriInfo(java.net.InetSocketAddress, java.net.InetSocketAddress, String,
+     *         ServerRequestHeaders, io.helidon.common.uri.UriQuery, boolean)}
      */
-    UriInfo uriInfo(String remoteAddress,
-                    String localAddress,
+    @Deprecated(forRemoval = true, since = "4.2.1")
+    default UriInfo uriInfo(String remoteAddress,
+                            String localAddress,
+                            String requestPath,
+                            ServerRequestHeaders headers,
+                            UriQuery query,
+                            boolean isSecure) {
+        return UriInfoCompatibilityHelper.uriInfo(this, remoteAddress, localAddress, requestPath, headers, query, isSecure);
+    }
+
+    /**
+     * Creates a {@link io.helidon.common.uri.UriInfo} object for a request based on the discovery settings in the
+     * {@link RequestedUriDiscoveryContext} and the specified request-related information.
+     *
+     * @param remoteAddress remote address from the request
+     * @param localAddress  local address from the request
+     * @param requestPath   path from the request
+     * @param headers       request headers
+     * @param query         query information from the request
+     * @param isSecure      whether the request is secure
+     * @return {@code UriInfo} which reconstructs, as well as possible, the requested URI from the originating client
+     */
+    UriInfo uriInfo(SocketAddress remoteAddress,
+                    SocketAddress localAddress,
                     String requestPath,
                     ServerRequestHeaders headers,
                     UriQuery query,
@@ -275,8 +302,8 @@ private RequestedUriDiscoveryContextImpl(RequestedUriDiscoveryContext.Builder bu
             }
 
             @Override
-            public UriInfo uriInfo(String remoteAddress,
-                                   String localAddress,
+            public UriInfo uriInfo(SocketAddress remoteAddress,
+                                   SocketAddress localAddress,
                                    String requestPath,
                                    ServerRequestHeaders headers,
                                    UriQuery query,
@@ -289,8 +316,12 @@ public UriInfo uriInfo(String remoteAddress,
 
                 // Note: enabled() returns true if discovery is explicitly enabled or if either
                 // requestedUriDiscoveryTypes or trustedProxies is set.
-                if (enabled) {
-                    if (trustedProxies.test(hostPart(remoteAddress))) {
+                if (enabled && remoteAddress instanceof InetSocketAddress remoteInetAddress) {
+                    // Host with ip address fallback or ip address only
+                    if (trustedProxies.test(remoteInetAddress.getHostString())
+                            || (remoteInetAddress.getAddress() != null
+                                    && trustedProxies.test(remoteInetAddress.getAddress().getHostAddress()))) {
+
                         // Once we discover trusted information using one of the discovery discoveryTypes, we do not mix in
                         // information from other discoveryTypes.
 
@@ -338,14 +369,22 @@ public UriInfo uriInfo(String remoteAddress,
                     authority = headers.first(HeaderNames.HOST).orElse(null);
                 }
 
+                if (host == null
+                        && authority == null
+                        && localAddress instanceof InetSocketAddress localInetAddress) {
+                    uriInfo.host(localInetAddress.getHostString()); // fallback
+                }
+
                 uriInfo.path(path == null ? requestPath : path);
-                uriInfo.host(localAddress); // this is the fallback
+
                 if (authority != null) {
                     uriInfo.authority(authority); // this is the second possibility
                 }
+
                 if (host != null) {
                     uriInfo.host(host); // and this one has priority
                 }
+
                 if (port != -1) {
                     uriInfo.port(port);
                 }
@@ -368,11 +407,6 @@ public UriInfo uriInfo(String remoteAddress,
                 return uriInfo.build();
             }
 
-            private static String hostPart(String address) {
-                int colon = address.indexOf(':');
-                return colon == -1 ? address : address.substring(0, colon);
-            }
-
             private ForwardedDiscovery discoverUsingForwarded(ServerRequestHeaders headers) {
                 String scheme = null;
                 String authority = null;
@@ -416,7 +450,7 @@ private XForwardedDiscovery discoverUsingXForwarded(ServerRequestHeaders headers
 
                 List<String> xForwardedFors = headers.values(HeaderNames.X_FORWARDED_FOR);
                 boolean areProxiesTrusted = true;
-                if (xForwardedFors.size() > 0) {
+                if (!xForwardedFors.isEmpty()) {
                     // Intentionally skip the first X-Forwarded-For value. That is the originating client, and as such it
                     // is not a proxy and we do not need to check its trustworthiness.
                     for (int i = 1; i < xForwardedFors.size(); i++) {
 
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2025 Oracle and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.helidon.http;
+
+import java.net.InetSocketAddress;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import io.helidon.common.uri.UriInfo;
+import io.helidon.common.uri.UriQuery;
+
+/**
+ * @deprecated Remove when
+ *         {@link RequestedUriDiscoveryContext#uriInfo(String, String, String, ServerRequestHeaders,
+ *         io.helidon.common.uri.UriQuery, boolean)} is removed.
+ */
+@Deprecated(forRemoval = true, since = "4.2.1")
+final class UriInfoCompatibilityHelper {
+    private static final Pattern ADDRESS_PATTERN = Pattern.compile("([^/]*)/(\\[[^]]+]|[^:]+|<unresolved>):?([0-9]*)");
+
+    private UriInfoCompatibilityHelper() {
+        //noop
+    }
+
+    static UriInfo uriInfo(
+            RequestedUriDiscoveryContext ctx,
+            String remoteAddress,
+            String localAddress,
+            String requestPath,
+            ServerRequestHeaders headers,
+            UriQuery query,
+            boolean isSecure) {
+
+        Matcher remoteMatcher = ADDRESS_PATTERN.matcher(remoteAddress);
+        Matcher localMatcher = ADDRESS_PATTERN.matcher(localAddress);
+        if (remoteMatcher.matches() && localMatcher.matches()) {
+            String remotePort = remoteMatcher.group(3);
+            String localPort = localMatcher.group(3);
+
+            return ctx.uriInfo(InetSocketAddress.createUnresolved(remoteMatcher.group(1),
+                                                                  remotePort.isEmpty() ? 0 : Integer.parseInt(remotePort)),
+                               InetSocketAddress.createUnresolved(localMatcher.group(1),
+                                                                  localPort.isEmpty() ? 0 : Integer.parseInt(remotePort)),
+                               requestPath, headers, query, isSecure);
+        }
+
+        throw new IllegalArgumentException("Invalid remote: " + remoteAddress + " or local address: " + localAddress);
+    }
+}
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) 2025 Oracle and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.helidon.http;
+
+import java.net.Inet6Address;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.URI;
+import java.net.UnknownHostException;
+import java.util.stream.Stream;
+
+import io.helidon.common.configurable.AllowList;
+import io.helidon.common.uri.UriQuery;
+
+import org.junit.jupiter.api.Assumptions;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.MethodSource;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.params.provider.Arguments.arguments;
+
+public class RequestedUriDiscoveryContextTest {
+
+    private static Stream<Arguments> params() throws UnknownHostException {
+        return Stream.of(
+                arguments(new InetSocketAddress(InetAddress.getLoopbackAddress(), 8088),
+                          AllowList.builder()
+                                  .addAllowed("localhost")
+                                  .build(),
+                          "UriInfo{scheme=https,host=helidon.io,port=443,path=/path,query=,fragment=}"),
+
+                arguments(new InetSocketAddress(InetAddress.getLoopbackAddress(), 8088),
+                          AllowList.builder()
+                                  .addAllowed("127.0.0.1")
+                                  .build(),
+                          "UriInfo{scheme=https,host=helidon.io,port=443,path=/path,query=,fragment=}"),
+
+                arguments(new InetSocketAddress(Inet6Address.getByAddress("localhost",
+                                                                          Inet6Address.getByName("::1")
+                                                                                  .getAddress()), 8088),
+                          AllowList.builder()
+                                  .addAllowed("localhost")
+                                  .build(),
+                          "UriInfo{scheme=https,host=helidon.io,port=443,path=/path,query=,fragment=}"),
+
+                arguments(new InetSocketAddress(Inet6Address.getByAddress("localhost",
+                                                                          Inet6Address.getByName("::1")
+                                                                                  .getAddress()), 8088),
+                          AllowList.builder()
+                                  .addAllowed("0:0:0:0:0:0:0:1")
+                                  .build(),
+                          "UriInfo{scheme=https,host=helidon.io,port=443,path=/path,query=,fragment=}")
+        );
+    }
+
+    @ParameterizedTest
+    @MethodSource("params")
+    void inetAddress(InetSocketAddress remotePeerAddress, AllowList allowList, String expected) throws UnknownHostException {
+        var uriInfo = RequestedUriDiscoveryContext.builder()
+                .enabled(true)
+                .trustedProxies(allowList)
+                .build()
+                .uriInfo(remotePeerAddress,
+                         remotePeerAddress,
+                         "/path",
+                         ServerRequestHeaders.create(WritableHeaders.create()
+                                                             .add(HeaderNames.FORWARDED,
+                                                                  "by=a.b.c;for=d.e.f;host=helidon.io;proto=https")),
+                         UriQuery.create(URI.create("http://localhost:8088/path")),
+                         true);
+
+        assertEquals(expected, uriInfo.toString());
+    }
+
+    @ParameterizedTest
+    @MethodSource("params")
+    @Deprecated(forRemoval = true, since = "4.2.1")
+    void stringAddress(InetSocketAddress remotePeerAddress, AllowList allowList, String expected) throws UnknownHostException {
+        if (!allowList.prototype().allowed().getFirst().equals("localhost")) {
+            Assumptions.abort("IP address filtering is not supported by deprecated api.");
+        }
+
+        var uriInfo = RequestedUriDiscoveryContext.builder()
+                .enabled(true)
+                .trustedProxies(allowList)
+                .build()
+                .uriInfo(remotePeerAddress.toString(),
+                         remotePeerAddress.toString(),
+                         "/path",
+                         ServerRequestHeaders.create(WritableHeaders.create()
+                                                             .add(HeaderNames.FORWARDED,
+                                                                  "by=a.b.c;for=d.e.f;host=helidon.io;proto=https")),
+                         UriQuery.create(URI.create("http://localhost:8088/path")),
+                         true);
+
+        assertEquals(expected, uriInfo.toString());
+    }
+}
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022, 2024 Oracle and/or its affiliates.
+ * Copyright (c) 2022, 2025 Oracle and/or its affiliates.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -52,7 +52,6 @@ class Http2ServerRequest implements RoutingRequest {
             RequestedUriDiscoveryContext.builder()
                     .build();
 
-
     private static final Runnable NO_OP_RUNNABLE = () -> {
     };
     private final Http2Headers http2Headers;
@@ -236,8 +235,8 @@ public Optional<ProxyProtocolData> proxyProtocolData() {
     private UriInfo createUriInfo() {
         return ctx.listenerContext().config().requestedUriDiscoveryContext()
                 .orElse(DEFAULT_REQUESTED_URI_DISCOVERY_CONTEXT)
-                .uriInfo(remotePeer().address().toString(),
-                         localPeer().address().toString(),
+                .uriInfo(remotePeer().address(),
+                         localPeer().address(),
                          path.absolute().path(),
                          headers,
                          query(),
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`/*`
`2`		`- * Copyright (c) 2022 Oracle and/or its affiliates.`
	`2`	`+ * Copyright (c) 2022, 2025 Oracle and/or its affiliates.`
`3`	`3`	`*`
`4`	`4`	`* Licensed under the Apache License, Version 2.0 (the "License");`
`5`	`5`	`* you may not use this file except in compliance with the License.`