removed RequestEvent.UnsafeRealIP
This commit is contained in:
Gani Georgiev
@@ -96,37 +96,6 @@ func (e *Event) RemoteIP() string {
|
||||
return parsed.StringExpanded()
|
||||
}
|
||||
|
||||
// UnsafeRealIP returns the "real" client IP from common proxy headers
|
||||
// OR fallbacks to the RemoteIP if none is found.
|
||||
//
|
||||
// NB! The returned IP value could be anything and it shouldn't be trusted if not behind a trusted reverse proxy!
|
||||
func (e *Event) UnsafeRealIP() string {
|
||||
if ip := e.Request.Header.Get("CF-Connecting-IP"); ip != "" {
|
||||
return ip
|
||||
}
|
||||
|
||||
if ip := e.Request.Header.Get("Fly-Client-IP"); ip != "" {
|
||||
return ip
|
||||
}
|
||||
|
||||
if ip := e.Request.Header.Get("X-Real-IP"); ip != "" {
|
||||
return ip
|
||||
}
|
||||
|
||||
if ipsList := e.Request.Header.Get("X-Forwarded-For"); ipsList != "" {
|
||||
// extract the first non-empty leftmost-ish ip
|
||||
ips := strings.Split(ipsList, ",")
|
||||
for _, ip := range ips {
|
||||
ip = strings.TrimSpace(ip)
|
||||
if ip != "" {
|
||||
return ip
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return e.RemoteIP()
|
||||
}
|
||||
|
||||
// FindUploadedFiles extracts all form files of "key" from a http request
|
||||
// and returns a slice with filesystem.File instances (if any).
|
||||
func (e *Event) FindUploadedFiles(key string) ([]*filesystem.File, error) {
|
||||
|
||||
@@ -219,65 +219,6 @@ func TestEventRemoteIP(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestEventUnsafeRealIP(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
scenarios := []struct {
|
||||
headers map[string]string
|
||||
expected string
|
||||
}{
|
||||
{nil, "1.2.3.4"},
|
||||
{
|
||||
map[string]string{"CF-Connecting-IP": "test"},
|
||||
"test",
|
||||
},
|
||||
{
|
||||
map[string]string{"Fly-Client-IP": "test"},
|
||||
"test",
|
||||
},
|
||||
{
|
||||
map[string]string{"X-Real-IP": "test"},
|
||||
"test",
|
||||
},
|
||||
{
|
||||
map[string]string{"X-Forwarded-For": "test1,test2,test3"},
|
||||
"test1",
|
||||
},
|
||||
}
|
||||
|
||||
for i, s := range scenarios {
|
||||
keys := make([]string, 0, len(s.headers))
|
||||
for h := range s.headers {
|
||||
keys = append(keys, h)
|
||||
}
|
||||
|
||||
testName := strings.Join(keys, "_")
|
||||
if testName == "" {
|
||||
testName = "no_headers" + strconv.Itoa(i)
|
||||
}
|
||||
|
||||
t.Run(testName, func(t *testing.T) {
|
||||
req, err := http.NewRequest(http.MethodGet, "/", nil)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
req.RemoteAddr = "1.2.3.4:80" // fallback
|
||||
|
||||
for k, v := range s.headers {
|
||||
req.Header.Set(k, v)
|
||||
}
|
||||
|
||||
event := router.Event{Request: req}
|
||||
|
||||
ip := event.UnsafeRealIP()
|
||||
|
||||
if ip != s.expected {
|
||||
t.Fatalf("Expected IP %q, got %q", s.expected, ip)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestFindUploadedFiles(t *testing.T) {
|
||||
scenarios := []struct {
|
||||
filename string
|
||||
|
||||
Reference in New Issue
Block a user