From d6b66dbaaa81d89db0de522f90780e43145f65bf Mon Sep 17 00:00:00 2001
From: Tim Donohue <tim.donohue@lyrasis.org>
Date: Thu, 13 May 2021 14:27:18 -0500
Subject: [PATCH] Enable server.forward-headers-strategy by default and move to
 application.properties

---
 .../src/main/resources/application.properties     | 15 +++++++++++++++
 dspace/config/dspace.cfg                          | 10 ----------
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/dspace-server-webapp/src/main/resources/application.properties b/dspace-server-webapp/src/main/resources/application.properties
index 2b8463e18a..18e1c6dfa3 100644
--- a/dspace-server-webapp/src/main/resources/application.properties
+++ b/dspace-server-webapp/src/main/resources/application.properties
@@ -77,6 +77,18 @@ spring.http.encoding.force=true
 # However, you may wish to set this to "always" in your 'local.cfg' for development or debugging purposes.
 server.error.include-stacktrace = never
 
+# Spring Boot proxy configuration (can be overridden in local.cfg).
+# By default, Spring Boot does not automatically use X-Forwarded-* Headers when generating links (and similar) in the
+# DSpace REST API. Three options are currently supported by Spring Boot:
+#   * NATIVE = allows your web server to natively support standard Forwarded headers
+#   * FRAMEWORK = (DSpace default) enables Spring Framework's built in filter to manage these headers in Spring Boot.
+#                 This setting is used by default to support all X-Forwarded-* headers, as the DSpace backend is often
+#                 installed behind Apache HTTPD or Nginx proxy (both of which pass those headers to Tomcat).
+#   * NONE = (Spring default) Forwarded headers are ignored
+# For more information see
+# https://docs.spring.io/spring-boot/docs/current/reference/html/howto.html#howto-use-behind-a-proxy-server
+server.forward-headers-strategy=FRAMEWORK
+
 ######################
 # Spring Boot Autoconfigure
 #
@@ -107,6 +119,9 @@ spring.main.allow-bean-definition-overriding = true
 # Log4J configuration
 logging.config = ${dspace.dir}/config/log4j2.xml
 
+##################################
+# Spring MVC file upload settings
+#
 # Maximum size of a single uploaded file (default = 1MB)
 spring.servlet.multipart.max-file-size = 512MB
 
diff --git a/dspace/config/dspace.cfg b/dspace/config/dspace.cfg
index c63b87fd0f..bd775e86a8 100644
--- a/dspace/config/dspace.cfg
+++ b/dspace/config/dspace.cfg
@@ -371,16 +371,6 @@ useProxies = true
 # (Requires reboot of servlet container, e.g. Tomcat, to reload)
 #proxies.trusted.include_ui_ip = true
 
-# Spring Boot proxy configuration (can be set in local.cfg or in application.properties).
-# By default, Spring Boot does not automatically use X-Forwarded-* Headers when generating links (and similar) in the
-# REST API. When using a proxy in front of the REST API, you may need to modify this setting:
-#   * NATIVE = allows your web server to natively support standard Forwarded headers
-#   * FRAMEWORK = enables Spring Framework's built in filter to manage these headers in Spring Boot
-#   * NONE = default value. Forwarded headers are ignored
-# For more information see
-# https://docs.spring.io/spring-boot/docs/current/reference/html/howto.html#howto-use-behind-a-proxy-server
-#server.forward-headers-strategy=FRAMEWORK
-
 #### Media Filter / Format Filter plugins (through PluginService) ####
 # Media/Format Filters help to full-text index content or
 # perform automated format conversions