dcarrillo/whatismyip
1
0
Fork 0
mirror of https://github.com/dcarrillo/whatismyip.git synced 2025-07-01 12:49:27 +00:00
Code Issues Projects Releases Wiki Activity

Remove headers set by a trusted proxy from outputs

Browse Source
This commit is contained in:
Daniel Carrillo
2022-05-02 18:00:36 +02:00
parent 7c70abf07f
commit 1ee7256506
7 changed files with 38 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
internal/httputils/http.go
View File

@ -3,9 +3,11 @@ package httputils
import (
"fmt"
"net/http"
"net/textproto"
"sort"
"strings"
"github.com/dcarrillo/whatismyip/internal/setting"
"github.com/gin-gonic/gin"
)
@ -32,6 +34,17 @@ func HeadersToSortedString(headers http.Header) string {
return output
}
// GetHeadersWithoutTrustedHeaders return a http.Heade object with the original headers except trusted headers
func GetHeadersWithoutTrustedHeaders(ctx *gin.Context) http.Header {
h := ctx.Request.Header
for _, k := range []string{setting.App.TrustedHeader, setting.App.TrustedPortHeader} {
delete(h, textproto.CanonicalMIMEHeaderKey(k))
}
return h
}
// GetLogFormatter returns our custom log format
func GetLogFormatter(param gin.LogFormatterParams) string {
return fmt.Sprintf("%s - [%s] \"%s %s %s\" %d %d %d %s \"%s\" \"%s\" \"%s\"\n",

10
internal/setting/app.go
View File

@ -70,15 +70,17 @@ func Setup(args []string) (output string, err error) {
)
flags.StringVar(&App.TLSCrtPath, "tls-crt", "", "When using TLS, path to certificate file")
flags.StringVar(&App.TLSKeyPath, "tls-key", "", "When using TLS, path to private key file")
flags.StringVar(&App.TrustedHeader,
flags.StringVar(
&App.TrustedHeader,
"trusted-header",
"",
"Trusted request header for remote IP (e.g. X-Real-IP)",
"Trusted request header for remote IP (e.g. X-Real-IP). When using this feature if -trusted-port-header is not set the client port is shown as 'unknown'",
)
flags.StringVar(&App.TrustedPortHeader,
flags.StringVar(
&App.TrustedPortHeader,
"trusted-port-header",
"",
"Trusted request header for remote client port (e.g. X-Real-Port)",
"Trusted request header for remote client port (e.g. X-Real-Port). When this parameter is set -trusted-header becomes mandatory",
)
flags.BoolVar(&App.version, "version", false, "Output version information and exit")
flags.BoolVar(