blackteay/gin
3
0
Fork 0
mirror of https://github.com/gin-gonic/gin.git synced 2026-06-05 02:18:15 +08:00
Code Issues Projects Releases Wiki Activity

Fix ClientIP calculation by concatenating all RemoteIPHeaders values

Browse Source
This commit is contained in:
nurysso 2025-12-13 16:30:33 +05:30
parent d1a15347b1
commit aaa10ab032
2 changed files with 58 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
context.go
View File

@ -989,7 +989,8 @@ func (c *Context) ClientIP() string {
if trusted && c.engine.ForwardedByClientIP && c.engine.RemoteIPHeaders != nil { if trusted && c.engine.ForwardedByClientIP && c.engine.RemoteIPHeaders != nil {
for _, headerName := range c.engine.RemoteIPHeaders { for _, headerName := range c.engine.RemoteIPHeaders {
ip, valid := c.engine.validateHeader(c.requestHeader(headerName)) headerValue := strings.Join(c.Request.Header.Values(headerName), ",")
ip, valid := c.engine.validateHeader(headerValue)
if valid { if valid {
return ip return ip
} }

56
context_test.go
View File

@ -1143,6 +1143,62 @@ func TestContextRenderNoContentIndentedJSON(t *testing.T) {
assert.Equal(t, "application/json; charset=utf-8", w.Header().Get("Content-Type")) assert.Equal(t, "application/json; charset=utf-8", w.Header().Get("Content-Type"))
} }
func TestContextClientIPWithMultipleHeaders(t *testing.T) {
// Create a new Gin engine
engine := New()
// Set trusted proxies
engine.SetTrustedProxies([]string{"127.0.0.1"})
engine.ForwardedByClientIP = true
engine.RemoteIPHeaders = []string{"X-Forwarded-For"}
// Create a test request with multiple X-Forwarded-For headers
req := httptest.NewRequest("GET", "/test", nil)
req.Header.Add("X-Forwarded-For", "1.2.3.4, 127.0.0.1")
req.Header.Add("X-Forwarded-For", "5.6.7.8")
req.RemoteAddr = "127.0.0.1:1234"
// Create response recorder
w := httptest.NewRecorder()
// Create context
c, _ := CreateTestContext(w)
c.Request = req
c.engine = engine
// Test ClientIP
clientIP := c.ClientIP()
// Should return 5.6.7.8 (the last non-trusted IP)
expected := "5.6.7.8"
if clientIP != expected {
t.Errorf("Expected ClientIP to be %s, got %s", expected, clientIP)
}
}
func TestContextClientIPWithSingleHeader(t *testing.T) {
engine := New()
engine.SetTrustedProxies([]string{"127.0.0.1"})
engine.ForwardedByClientIP = true
engine.RemoteIPHeaders = []string{"X-Forwarded-For"}
req := httptest.NewRequest("GET", "/test", nil)
req.Header.Set("X-Forwarded-For", "1.2.3.4, 127.0.0.1")
req.RemoteAddr = "127.0.0.1:1234"
w := httptest.NewRecorder()
c, _ := CreateTestContext(w)
c.Request = req
c.engine = engine
clientIP := c.ClientIP()
// Should return 1.2.3.4
expected := "1.2.3.4"
if clientIP != expected {
t.Errorf("Expected ClientIP to be %s, got %s", expected, clientIP)
}
}
// Tests that the response is serialized as Secure JSON // Tests that the response is serialized as Secure JSON
// and Content-Type is set to application/json // and Content-Type is set to application/json
func TestContextRenderSecureJSON(t *testing.T) { func TestContextRenderSecureJSON(t *testing.T) {