mirror of
https://github.com/Xahau/xahaud.git
synced 2025-12-06 17:27:52 +00:00
Support multiple proxies in X-Forwarded-For header
This commit is contained in:
Mark Travis
committed by
Nik Bougalis
Nik Bougalis
parent
6cda070fe0
commit
ade1afe1b0
@@ -19,6 +19,9 @@
|
|||||||
|
|
||||||
#include <ripple/rpc/Role.h>
|
#include <ripple/rpc/Role.h>
|
||||||
#include <boost/beast/core/string.hpp>
|
#include <boost/beast/core/string.hpp>
|
||||||
|
#include <boost/beast/http/field.hpp>
|
||||||
|
#include <boost/beast/http/rfc7230.hpp>
|
||||||
|
#include <boost/utility/string_view.hpp>
|
||||||
#include <algorithm>
|
#include <algorithm>
|
||||||
|
|
||||||
namespace ripple {
|
namespace ripple {
|
||||||
@@ -108,14 +111,7 @@ requestInboundEndpoint (Resource::Manager& manager,
|
|||||||
boost::string_view
|
boost::string_view
|
||||||
forwardedFor(http_request_type const& request)
|
forwardedFor(http_request_type const& request)
|
||||||
{
|
{
|
||||||
auto it = request.find("X-Forwarded-For");
|
auto it = request.find(boost::beast::http::field::forwarded);
|
||||||
if (it != request.end())
|
|
||||||
{
|
|
||||||
return boost::beast::http::ext_list{
|
|
||||||
it->value()}.begin()->first;
|
|
||||||
}
|
|
||||||
|
|
||||||
it = request.find("Forwarded");
|
|
||||||
if (it != request.end())
|
if (it != request.end())
|
||||||
{
|
{
|
||||||
auto ascii_tolower = [](char c) -> char
|
auto ascii_tolower = [](char c) -> char
|
||||||
@@ -137,10 +133,23 @@ forwardedFor(http_request_type const& request)
|
|||||||
return {};
|
return {};
|
||||||
|
|
||||||
found += forStr.size();
|
found += forStr.size();
|
||||||
auto pos{it->value().find(';', forStr.size())};
|
std::size_t const pos ([&]()
|
||||||
if (pos != boost::string_view::npos)
|
{
|
||||||
return {found, pos + 1};
|
std::size_t const pos{boost::string_view(
|
||||||
return {found, it->value().size() - forStr.size()};
|
found, it->value().end() - found).find(';')};
|
||||||
|
if (pos == boost::string_view::npos)
|
||||||
|
return it->value().size() - forStr.size();
|
||||||
|
return pos;
|
||||||
|
}());
|
||||||
|
|
||||||
|
return *boost::beast::http::token_list(
|
||||||
|
boost::string_view(found, pos)).begin();
|
||||||
|
}
|
||||||
|
|
||||||
|
it = request.find("X-Forwarded-For");
|
||||||
|
if (it != request.end())
|
||||||
|
{
|
||||||
|
return *boost::beast::http::token_list(it->value()).begin();
|
||||||
}
|
}
|
||||||
|
|
||||||
return {};
|
return {};
|
||||||
|
|||||||
@@ -82,6 +82,11 @@ class Roles_test : public beast::unit_test::suite
|
|||||||
rpcRes = env.rpc(headers, "ping")["result"];
|
rpcRes = env.rpc(headers, "ping")["result"];
|
||||||
BEAST_EXPECT(rpcRes["ip"] == "55.66.77.88");
|
BEAST_EXPECT(rpcRes["ip"] == "55.66.77.88");
|
||||||
|
|
||||||
|
headers["Forwarded"] = "what=where;for=55.66.77.88, 99.00.11.22;"
|
||||||
|
"who=3";
|
||||||
|
rpcRes = env.rpc(headers, "ping")["result"];
|
||||||
|
BEAST_EXPECT(rpcRes["ip"] == "55.66.77.88");
|
||||||
|
|
||||||
wsRes = makeWSClient(
|
wsRes = makeWSClient(
|
||||||
env.app().config(), true, 2, headers)->invoke("ping")["result"];
|
env.app().config(), true, 2, headers)->invoke("ping")["result"];
|
||||||
BEAST_EXPECT(
|
BEAST_EXPECT(
|
||||||
|
|||||||
Reference in New Issue
Block a user