Skip to content

Commit bf8831c

Browse files
tdjsnellingtdjsnelling
authored
adds handling for x-forwarded-for comma-separated syntax (webtorrent#452)
1 parent bf4481c commit bf8831c

File tree

2 files changed

+22
-6
lines changed

2 files changed

+22
-6
lines changed

lib/server/parse-http.js

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -33,9 +33,17 @@ function parseHttpRequest (req, opts) {
3333
common.MAX_ANNOUNCE_PEERS
3434
)
3535

36-
params.ip = opts.trustProxy
37-
? req.headers['x-forwarded-for'] || req.connection.remoteAddress
38-
: req.connection.remoteAddress.replace(common.REMOVE_IPV4_MAPPED_IPV6_RE, '') // force ipv4
36+
if (opts.trustProxy) {
37+
if (req.headers['x-forwarded-for']) {
38+
const [realIp] = req.headers['x-forwarded-for'].split(',')
39+
params.ip = realIp.trim()
40+
} else {
41+
params.ip = req.connection.remoteAddress
42+
}
43+
} else {
44+
params.ip = req.connection.remoteAddress.replace(common.REMOVE_IPV4_MAPPED_IPV6_RE, '') // force ipv4
45+
}
46+
3947
params.addr = `${common.IPV6_RE.test(params.ip) ? `[${params.ip}]` : params.ip}:${params.port}`
4048

4149
params.headers = req.headers

lib/server/parse-websocket.js

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -55,9 +55,17 @@ function parseWebSocketRequest (socket, opts, params) {
5555
// On first parse, save important data from `socket.upgradeReq` and delete it
5656
// to reduce memory usage.
5757
if (socket.upgradeReq) {
58-
socket.ip = opts.trustProxy
59-
? socket.upgradeReq.headers['x-forwarded-for'] || socket.upgradeReq.connection.remoteAddress
60-
: socket.upgradeReq.connection.remoteAddress.replace(common.REMOVE_IPV4_MAPPED_IPV6_RE, '') // force ipv4
58+
if (opts.trustProxy) {
59+
if (socket.upgradeReq.headers['x-forwarded-for']) {
60+
const [realIp] = socket.upgradeReq.headers['x-forwarded-for'].split(',')
61+
socket.ip = realIp.trim()
62+
} else {
63+
socket.ip = socket.upgradeReq.connection.remoteAddress
64+
}
65+
} else {
66+
socket.ip = socket.upgradeReq.connection.remoteAddress.replace(common.REMOVE_IPV4_MAPPED_IPV6_RE, '') // force ipv4
67+
}
68+
6169
socket.port = socket.upgradeReq.connection.remotePort
6270
if (socket.port) {
6371
socket.addr = `${common.IPV6_RE.test(socket.ip) ? `[${socket.ip}]` : socket.ip}:${socket.port}`

0 commit comments

Comments
 (0)