IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

[MM-15639] Add config setting to explicitly define which IP headers are trusted (#10907)

Browse Source 
* Add config setting to explicitly define which IP headers are trusted

* fix variable shadowing

* Optimize code flow; Add Ratelimit test for header set

* Extend Ratelimit tests

* Add additional unit tests

* Structured logging
This commit is contained in:
Daniel Schalla
2019-05-24 20:22:13 +02:00
committed by GitHub
parent e8af4872c6
commit 2d97f01781
11 changed files with 113 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
utils/utils.go
View File

@@ -8,8 +8,6 @@ import (
"net/http"
"net/url"
"strings"
"github.com/mattermost/mattermost-server/model"
)
func StringInSlice(a string, slice []string) bool {
@@ -68,19 +66,21 @@ func StringSliceDiff(a, b []string) []string {
return result
}
func GetIpAddress(r *http.Request) string {
func GetIpAddress(r *http.Request, trustedProxyIPHeader []string) string {
address := ""
header := r.Header.Get(model.HEADER_FORWARDED)
if len(header) > 0 {
addresses := strings.Fields(header)
if len(addresses) > 0 {
address = strings.TrimRight(addresses[0], ",")
for _, proxyHeader := range trustedProxyIPHeader {
header := r.Header.Get(proxyHeader)
if len(header) > 0 {
addresses := strings.Fields(header)
if len(addresses) > 0 {
address = strings.TrimRight(addresses[0], ",")
}
}
}
if len(address) == 0 {
address = r.Header.Get(model.HEADER_REAL_IP)
if len(address) > 0 {
return address
}
}
if len(address) == 0 {