Check for upstream proxy

2025-11-04 09:34:04 +00:00 · 2021-01-23 08:37:58 +01:00
parent 82fcd95fd3
commit dac83ba437
2 changed files with 24 additions and 4 deletions
--- a/config.yaml
+++ b/config.yaml
@@ -10,9 +10,8 @@ server-address: 0.0.0.0
 server-port: 3001

 # Server proxy (none = no proxy)
-# This value is used to trust upstream
-# IP addresses
-proxy: none
+# This value is used to trust upstream proxy
+proxy: "127.0.0.1"

 # If set to true Access-Control-Allow-Origin will be set for https
 force-https: false
--- a/src/data/http_request_handler.rs
+++ b/src/data/http_request_handler.rs
@@ -194,7 +194,28 @@ impl HttpRequestHandler {

    /// Get the remote IP address
    pub fn remote_ip(&self) -> String {
-        self.request.peer_addr().unwrap().ip().to_string()
+        let mut ip = self.request.peer_addr().unwrap().ip().to_string();
+
+        // We check if the request comes from a trusted reverse proxy
+        if let Some(proxy) = conf().proxy.as_ref() {
+            if ip.eq(proxy) {
+                if let Some(header) = self.request.headers().get("X-Forwarded-For") {
+                    let header: Vec<String> = header
+                        .to_str()
+                        .unwrap()
+                        .to_string()
+                        .split(",")
+                        .map(|f| f.to_string())
+                        .collect();
+
+                    if header.len() > 0 {
+                        ip = header[0].to_string();
+                    }
+                }
+            }
+        }
+
+        ip
    }

    /// Check if a POST parameter was present in the request or not