Changeset 472 in code for trunk/server.go


Ignore:
Timestamp:
Mar 18, 2021, 11:08:25 AM (4 years ago)
Author:
contact
Message:

Add support for the Forwarded HTTP header

This is the standard replacing X-Forwarded-*.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/server.go

    r471 r472  
    44        "fmt"
    55        "log"
     6        "mime"
    67        "net"
    78        "net/http"
     
    215216        // to prevent users from spoofing the remote address
    216217        remoteAddr := req.RemoteAddr
    217         forwardedHost := req.Header.Get("X-Forwarded-For")
    218         forwardedPort := req.Header.Get("X-Forwarded-Port")
    219         if isProxy && forwardedHost != "" && forwardedPort != "" {
    220                 remoteAddr = net.JoinHostPort(forwardedHost, forwardedPort)
     218        if isProxy {
     219                forwarded := parseForwarded(req.Header)
     220                forwardedHost := req.Header.Get("X-Forwarded-For")
     221                forwardedPort := req.Header.Get("X-Forwarded-Port")
     222                if forwarded["for"] != "" && forwarded["port"] != "" {
     223                        remoteAddr = net.JoinHostPort(forwarded["for"], forwarded["port"])
     224                } else if forwardedHost != "" && forwardedPort != "" {
     225                        remoteAddr = net.JoinHostPort(forwardedHost, forwardedPort)
     226                }
    221227        }
    222228
    223229        s.handle(newWebsocketIRCConn(conn, remoteAddr))
    224230}
     231
     232func parseForwarded(h http.Header) map[string]string {
     233        forwarded := h.Get("Forwarded")
     234        if forwarded == "" {
     235                return nil
     236        }
     237        // Hack to easily parse header parameters
     238        _, params, _ := mime.ParseMediaType("hack; " + forwarded)
     239        return params
     240}
Note: See TracChangeset for help on using the changeset viewer.