1
0
mirror of https://gitlab.com/comunic/comunicapiv3 synced 2024-11-26 07:19:22 +00:00

Check for upstream proxy

This commit is contained in:
Pierre HUBERT 2021-01-23 08:37:58 +01:00
parent 82fcd95fd3
commit dac83ba437
2 changed files with 24 additions and 4 deletions

View File

@ -10,9 +10,8 @@ server-address: 0.0.0.0
server-port: 3001
# Server proxy (none = no proxy)
# This value is used to trust upstream
# IP addresses
proxy: none
# This value is used to trust upstream proxy
proxy: "127.0.0.1"
# If set to true Access-Control-Allow-Origin will be set for https
force-https: false

View File

@ -194,7 +194,28 @@ impl HttpRequestHandler {
/// Get the remote IP address
pub fn remote_ip(&self) -> String {
self.request.peer_addr().unwrap().ip().to_string()
let mut ip = self.request.peer_addr().unwrap().ip().to_string();
// We check if the request comes from a trusted reverse proxy
if let Some(proxy) = conf().proxy.as_ref() {
if ip.eq(proxy) {
if let Some(header) = self.request.headers().get("X-Forwarded-For") {
let header: Vec<String> = header
.to_str()
.unwrap()
.to_string()
.split(",")
.map(|f| f.to_string())
.collect();
if header.len() > 0 {
ip = header[0].to_string();
}
}
}
}
ip
}
/// Check if a POST parameter was present in the request or not