fix: whitelist and XFF.
This commit is contained in:
Ludovic Fernandez
Traefiker Bot
parent
8bca8236db
commit
6bcf45f136
3 changed files with 20 additions and 9 deletions
|
|
@ -61,16 +61,19 @@ func (ip *IP) IsAuthorized(req *http.Request) error {
|
|||
xFFs := req.Header[XForwardedFor]
|
||||
if len(xFFs) > 0 {
|
||||
for _, xFF := range xFFs {
|
||||
ok, err := ip.contains(parseHost(xFF))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
xffs := strings.Split(xFF, ",")
|
||||
for _, xff := range xffs {
|
||||
ok, err := ip.contains(parseHost(xff))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if ok {
|
||||
return nil
|
||||
}
|
||||
if ok {
|
||||
return nil
|
||||
}
|
||||
|
||||
invalidMatches = append(invalidMatches, xFF)
|
||||
invalidMatches = append(invalidMatches, xff)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue