Trust X-Forwarded-For from 127.0.0.1

This commit is contained in:
calzoneman 2013-09-10 16:11:35 -05:00
parent 83ea83429e
commit 2a30d30d0a
3 changed files with 7 additions and 3 deletions

View File

@ -1,3 +1,7 @@
Tue Sep 10 16:10 2013 CDT
* lib/server.js, lib/api.js: Implicitly trust X-Forwarded-For when the
source ip is 127.0.0.1
Tue Sep 10 14:09 2013 CDT Tue Sep 10 14:09 2013 CDT
* lib/config.js, lib/server.js: Add a config key for the passphrase * lib/config.js, lib/server.js: Add a config key for the passphrase
to the ssl key. to the ssl key.

View File

@ -19,7 +19,7 @@ module.exports = function (Server) {
function getIP(req) { function getIP(req) {
var raw = req.connection.remoteAddress; var raw = req.connection.remoteAddress;
var forward = req.header("x-forwarded-for"); var forward = req.header("x-forwarded-for");
if(Server.cfg["trust-x-forward"] && forward) { if((Server.cfg["trust-x-forward"] || raw === "127.0.0.1") && forward) {
var ip = forward.split(",")[0]; var ip = forward.split(",")[0];
Logger.syslog.log("REVPROXY " + raw + " => " + ip); Logger.syslog.log("REVPROXY " + raw + " => " + ip);
return ip; return ip;

View File

@ -13,7 +13,7 @@ const VERSION = "2.4.2";
function getIP(req) { function getIP(req) {
var raw = req.connection.remoteAddress; var raw = req.connection.remoteAddress;
var forward = req.header("x-forwarded-for"); var forward = req.header("x-forwarded-for");
if(Server.cfg["trust-x-forward"] && forward) { if((Server.cfg["trust-x-forward"] || raw === "127.0.0.1") && forward) {
var ip = forward.split(",")[0]; var ip = forward.split(",")[0];
Logger.syslog.log("REVPROXY " + raw + " => " + ip); Logger.syslog.log("REVPROXY " + raw + " => " + ip);
return ip; return ip;
@ -23,7 +23,7 @@ function getIP(req) {
function getSocketIP(socket) { function getSocketIP(socket) {
var raw = socket.handshake.address.address; var raw = socket.handshake.address.address;
if(Server.cfg["trust-x-forward"]) { if(Server.cfg["trust-x-forward"] || raw === "127.0.0.1") {
if(typeof socket.handshake.headers["x-forwarded-for"] == "string") { if(typeof socket.handshake.headers["x-forwarded-for"] == "string") {
var ip = socket.handshake.headers["x-forwarded-for"] var ip = socket.handshake.headers["x-forwarded-for"]
.split(",")[0]; .split(",")[0];