homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Ability to use "X-Forwarded-For" as a source of IP for white list.

Browse source
This commit is contained in:
Ludovic Fernandez 2018-03-23 17:40:04 +01:00 committed by Traefiker Bot
parent 4802484729
commit d2766b1b4f
50 changed files with 1496 additions and 599 deletions
Download patch file Download diff file Expand all files Collapse all files

12
server/header_rewriter.go
View file

@ -1,7 +1,6 @@
package server
import (
"net"
"net/http"
"os"
@ -12,7 +11,7 @@ import (
// NewHeaderRewriter Create a header rewriter
func NewHeaderRewriter(trustedIPs []string, insecure bool) (forward.ReqRewriter, error) {
IPs, err := whitelist.NewIP(trustedIPs, insecure)
IPs, err := whitelist.NewIP(trustedIPs, insecure, true)
if err != nil {
return nil, err
}
@ -38,14 +37,7 @@ type headerRewriter struct {
}
func (h *headerRewriter) Rewrite(req *http.Request) {
clientIP, _, err := net.SplitHostPort(req.RemoteAddr)
if err != nil {
log.Error(err)
h.secureRewriter.Rewrite(req)
return
}
authorized, _, err := h.ips.Contains(clientIP)
authorized, _, err := h.ips.IsAuthorized(req)
if err != nil {
log.Error(err)
h.secureRewriter.Rewrite(req)