mirror of https://github.com/calzoneman/sync.git
Trust X-Forwarded-For from 127.0.0.1
This commit is contained in:
parent
83ea83429e
commit
2a30d30d0a
|
@ -1,3 +1,7 @@
|
||||||
|
Tue Sep 10 16:10 2013 CDT
|
||||||
|
* lib/server.js, lib/api.js: Implicitly trust X-Forwarded-For when the
|
||||||
|
source ip is 127.0.0.1
|
||||||
|
|
||||||
Tue Sep 10 14:09 2013 CDT
|
Tue Sep 10 14:09 2013 CDT
|
||||||
* lib/config.js, lib/server.js: Add a config key for the passphrase
|
* lib/config.js, lib/server.js: Add a config key for the passphrase
|
||||||
to the ssl key.
|
to the ssl key.
|
||||||
|
|
|
@ -19,7 +19,7 @@ module.exports = function (Server) {
|
||||||
function getIP(req) {
|
function getIP(req) {
|
||||||
var raw = req.connection.remoteAddress;
|
var raw = req.connection.remoteAddress;
|
||||||
var forward = req.header("x-forwarded-for");
|
var forward = req.header("x-forwarded-for");
|
||||||
if(Server.cfg["trust-x-forward"] && forward) {
|
if((Server.cfg["trust-x-forward"] || raw === "127.0.0.1") && forward) {
|
||||||
var ip = forward.split(",")[0];
|
var ip = forward.split(",")[0];
|
||||||
Logger.syslog.log("REVPROXY " + raw + " => " + ip);
|
Logger.syslog.log("REVPROXY " + raw + " => " + ip);
|
||||||
return ip;
|
return ip;
|
||||||
|
|
|
@ -13,7 +13,7 @@ const VERSION = "2.4.2";
|
||||||
function getIP(req) {
|
function getIP(req) {
|
||||||
var raw = req.connection.remoteAddress;
|
var raw = req.connection.remoteAddress;
|
||||||
var forward = req.header("x-forwarded-for");
|
var forward = req.header("x-forwarded-for");
|
||||||
if(Server.cfg["trust-x-forward"] && forward) {
|
if((Server.cfg["trust-x-forward"] || raw === "127.0.0.1") && forward) {
|
||||||
var ip = forward.split(",")[0];
|
var ip = forward.split(",")[0];
|
||||||
Logger.syslog.log("REVPROXY " + raw + " => " + ip);
|
Logger.syslog.log("REVPROXY " + raw + " => " + ip);
|
||||||
return ip;
|
return ip;
|
||||||
|
@ -23,7 +23,7 @@ function getIP(req) {
|
||||||
|
|
||||||
function getSocketIP(socket) {
|
function getSocketIP(socket) {
|
||||||
var raw = socket.handshake.address.address;
|
var raw = socket.handshake.address.address;
|
||||||
if(Server.cfg["trust-x-forward"]) {
|
if(Server.cfg["trust-x-forward"] || raw === "127.0.0.1") {
|
||||||
if(typeof socket.handshake.headers["x-forwarded-for"] == "string") {
|
if(typeof socket.handshake.headers["x-forwarded-for"] == "string") {
|
||||||
var ip = socket.handshake.headers["x-forwarded-for"]
|
var ip = socket.handshake.headers["x-forwarded-for"]
|
||||||
.split(",")[0];
|
.split(",")[0];
|
||||||
|
|
Loading…
Reference in New Issue