blackteay/gin
3
0
Fork 0
mirror of https://github.com/gin-gonic/gin.git synced 2025-10-18 06:42:10 +08:00
Code Issues Projects Releases Wiki Activity

fix error

Browse Source
This commit is contained in:
thinkerou 2021-03-27 11:32:49 +08:00
parent 7e649c347f
commit 08766787f9
3 changed files with 38 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
context.go
View File

@ -741,6 +741,7 @@ func (c *Context) ClientIP() string {
if remoteIP == nil { if remoteIP == nil {
return "" return ""
} }
if trusted && c.engine.ForwardedByClientIP && c.engine.RemoteIPHeaders != nil { if trusted && c.engine.ForwardedByClientIP && c.engine.RemoteIPHeaders != nil {
for _, headerName := range c.engine.RemoteIPHeaders { for _, headerName := range c.engine.RemoteIPHeaders {
ip, valid := validateHeader(c.requestHeader(headerName)) ip, valid := validateHeader(c.requestHeader(headerName))
@ -765,13 +766,19 @@ func (c *Context) RemoteIP() (net.IP, bool) {
if remoteIP == nil { if remoteIP == nil {
return nil, false return nil, false
} }
if c.engine.trustedCIDRs != nil {
for _, cidr := range c.engine.trustedCIDRs { trustedCIDRs, err := c.engine.prepareTrustedCIDRs()
if cidr.Contains(remoteIP) { if err == nil {
return remoteIP, true c.engine.trustedCIDRs = trustedCIDRs
if c.engine.trustedCIDRs != nil {
for _, cidr := range c.engine.trustedCIDRs {
if cidr.Contains(remoteIP) {
return remoteIP, true
}
} }
} }
} }
return remoteIP, false return remoteIP, false
} }

4
context_test.go
View File

@ -1430,7 +1430,7 @@ func TestContextClientIP(t *testing.T) {
// Only trust RemoteAddr // Only trust RemoteAddr
c.engine.TrustedProxies = []string{"40.40.40.40"} c.engine.TrustedProxies = []string{"40.40.40.40"}
assert.Equal(t, "30.30.30.30", c.ClientIP()) assert.Equal(t, "20.20.20.20", c.ClientIP())
// All steps are trusted // All steps are trusted
c.engine.TrustedProxies = []string{"40.40.40.40", "30.30.30.30", "20.20.20.20"} c.engine.TrustedProxies = []string{"40.40.40.40", "30.30.30.30", "20.20.20.20"}
@ -1442,7 +1442,7 @@ func TestContextClientIP(t *testing.T) {
// Use hostname that resolves to all the proxies // Use hostname that resolves to all the proxies
c.engine.TrustedProxies = []string{"foo"} c.engine.TrustedProxies = []string{"foo"}
assert.Equal(t, "20.20.20.20", c.ClientIP()) assert.Equal(t, "40.40.40.40", c.ClientIP())
// Use hostname that returns an error // Use hostname that returns an error
c.engine.TrustedProxies = []string{"bar"} c.engine.TrustedProxies = []string{"bar"}

49
gin.go
View File

@ -338,31 +338,32 @@ func (engine *Engine) Run(addr ...string) (err error) {
} }
func (engine *Engine) prepareTrustedCIDRs() ([]*net.IPNet, error) { func (engine *Engine) prepareTrustedCIDRs() ([]*net.IPNet, error) {
if engine.TrustedProxies != nil { if engine.TrustedProxies == nil {
cidr := make([]*net.IPNet, 0, len(engine.TrustedProxies)) return nil, nil
for _, trustedProxy := range engine.TrustedProxies {
if !strings.Contains(trustedProxy, "/") {
ip := parseIP(trustedProxy)
if ip == nil {
return cidr, &net.ParseError{Type: "IP address", Text: trustedProxy}
}
switch len(ip) {
case net.IPv4len:
trustedProxy += "/32"
case net.IPv6len:
trustedProxy += "/128"
}
}
_, cidrNet, err := net.ParseCIDR(trustedProxy)
if err != nil {
return cidr, err
}
cidr = append(cidr, cidrNet)
}
return cidr, nil
} }
return nil, nil
cidr := make([]*net.IPNet, 0, len(engine.TrustedProxies))
for _, trustedProxy := range engine.TrustedProxies {
if !strings.Contains(trustedProxy, "/") {
ip := parseIP(trustedProxy)
if ip == nil {
return cidr, &net.ParseError{Type: "IP address", Text: trustedProxy}
}
switch len(ip) {
case net.IPv4len:
trustedProxy += "/32"
case net.IPv6len:
trustedProxy += "/128"
}
}
_, cidrNet, err := net.ParseCIDR(trustedProxy)
if err != nil {
return cidr, err
}
cidr = append(cidr, cidrNet)
}
return cidr, nil
} }
// parseIP parse a string representation of an IP and returns a net.IP with the // parseIP parse a string representation of an IP and returns a net.IP with the