hydrar/mistserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Improved trustedproxy support

Browse source
This commit is contained in:
Thulinma 2020-02-19 12:27:17 +01:00
parent f43a1e5b99
commit 5c8aa1bfbd
5 changed files with 55 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/output/output_http.cpp
View file

@ -448,8 +448,7 @@ namespace Mist {
bool HTTPOutput::isTrustedProxy(const std::string & ip){
static std::set<std::string> trustedProxies;
if (!trustedProxies.size()){
trustedProxies.insert("::1");
trustedProxies.insert("127.0.0.1");
trustedProxies.insert("localhost");
IPC::sharedPage rPage(SHM_PROXY, 0, false, false);
if (rPage){
@ -467,11 +466,11 @@ namespace Mist {
}
}
}
//Make sure to also check for IPv6 addresses
if (ip.substr(0, 7) == "::ffff:" && trustedProxies.count(ip.substr(7))){
return true;
std::string binIp = Socket::getBinForms(ip);
for (std::set<std::string>::iterator it = trustedProxies.begin(); it != trustedProxies.end(); ++it){
if (Socket::isBinAddress(binIp, *it)){return true;}
}
return trustedProxies.count(ip) > 0;
return false;
}
/*LTS-END*/