blackteay/gin
3
0
Fork 0
mirror of https://github.com/gin-gonic/gin.git synced 2025-10-16 21:32:11 +08:00
Code Issues Projects Releases Wiki Activity

Revert "rationalize return logic in validateHeader()"

Browse Source 
This reverts commit 513b59fa8875d77c86f122af4bb0cc547eb98c8f.
This commit is contained in:
Notealot 2021-10-27 09:13:32 +08:00
parent 513b59fa88
commit 84ec44d9d7
1 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
gin.go
View File

@ -416,23 +416,24 @@ func (engine *Engine) isTrustedProxy(ip net.IP) bool {
}
func (engine *Engine) validateHeader(header string) (clientIP string, valid bool) {
if header != "" {
items := strings.Split(header, ",")
for i := len(items) - 1; i >= 0; i-- {
ipStr := strings.TrimSpace(items[i])
ip := net.ParseIP(ipStr)
if ip == nil {
return "", false
}
if header == "" {
return "", false
}
items := strings.Split(header, ",")
for i := len(items) - 1; i >= 0; i-- {
ipStr := strings.TrimSpace(items[i])
ip := net.ParseIP(ipStr)
if ip == nil {
return "", false
}
// X-Forwarded-For is appended by proxy
// Check IPs in reverse order and stop when find untrusted proxy
if (i == 0) || (!engine.isTrustedProxy(ip)) {
return ipStr, true
}
// X-Forwarded-For is appended by proxy
// Check IPs in reverse order and stop when find untrusted proxy
if (i == 0) || (!engine.isTrustedProxy(ip)) {
return ipStr, true
}
}
return "", false
return
}
// parseTrustedProxies parse Engine.trustedProxies to Engine.trustedCIDRs