From 41a41597662ddd5f2a4963108aa72d9da2a6cc6b Mon Sep 17 00:00:00 2001
From: trigun <smagin@devgroup.ru>
Date: Fri, 3 Mar 2023 12:42:18 +0300
Subject: [PATCH] fix bug in validateHeader

---
 gin.go | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/gin.go b/gin.go
index f95e5dda..4ca5523b 100644
--- a/gin.go
+++ b/gin.go
@@ -463,17 +463,20 @@ func (engine *Engine) validateHeader(header string) (clientIP string, valid bool
 	for i := len(items) - 1; i >= 0; i-- {
 		ipStr := strings.TrimSpace(items[i])
 		ip := net.ParseIP(ipStr)
+		valid = true
+
 		if ip == nil {
-			break
+			ipStr = ""
+			valid = false
 		}
 
 		// X-Forwarded-For is appended by proxy
 		// Check IPs in reverse order and stop when find untrusted proxy
-		if (i == 0) || (!engine.isTrustedProxy(ip)) {
-			return ipStr, true
+		if valid && (!engine.isTrustedProxy(ip)) {
+			return ipStr, valid
 		}
 	}
-	return "", false
+	return "", valid
 }
 
 // parseIP parse a string representation of an IP and returns a net.IP with the