Merge 68ae08b048e21eb28e516e1d50d33dfa2f06d258 into b2b489dbf4826c2c630717a77fd5e42774625410

chore(context): always trust xff headers from unix socket (#3359 )
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2026-06-12 16:48:19 +08:00 · 2026-01-18 14:22:35 +08:00 · 2026-01-18 12:56:22 +08:00 · 2026-01-03 23:55:29 +05:30 · 2026-01-03 23:48:28 +05:30
2 changed files with 32 additions and 8 deletions
--- a/context.go
+++ b/context.go
@ -978,14 +978,27 @@ func (c *Context) ClientIP() string {
 		}
 	}

-	// It also checks if the remoteIP is a trusted proxy or not.
-	// In order to perform this validation, it will see if the IP is contained within at least one of the CIDR blocks
-	// defined by Engine.SetTrustedProxies()
-	remoteIP := net.ParseIP(c.RemoteIP())
-	if remoteIP == nil {
-		return ""
+	var (
+		trusted  bool
+		remoteIP net.IP
+	)
+	// If gin is listening a unix socket, always trust it.
+	localAddr, ok := c.Request.Context().Value(http.LocalAddrContextKey).(net.Addr)
+	if ok && strings.HasPrefix(localAddr.Network(), "unix") {
+		trusted = true
+	}
+
+	// Fallback
+	if !trusted {
+		// It also checks if the remoteIP is a trusted proxy or not.
+		// In order to perform this validation, it will see if the IP is contained within at least one of the CIDR blocks
+		// defined by Engine.SetTrustedProxies()
+		remoteIP = net.ParseIP(c.RemoteIP())
+		if remoteIP == nil {
+			return ""
+		}
+		trusted = c.engine.isTrustedProxy(remoteIP)
 	}
-	trusted := c.engine.isTrustedProxy(remoteIP)

 	if trusted && c.engine.ForwardedByClientIP && c.engine.RemoteIPHeaders != nil {
 		for _, headerName := range c.engine.RemoteIPHeaders {
@ -1034,7 +1047,8 @@ func (c *Context) requestHeader(key string) string {
 // bodyAllowedForStatus is a copy of http.bodyAllowedForStatus non-exported function.
 func bodyAllowedForStatus(status int) bool {
 	switch {
-	case status >= 100 && status <= 199:
+	// body isn't allowed for 1xx informational responses
+	case status >= http.StatusContinue && status <= 199:
 		return false
 	case status == http.StatusNoContent:
 		return false
--- a/context_test.go
+++ b/context_test.go
@ -1915,6 +1915,16 @@ func TestContextClientIP(t *testing.T) {
 	c.engine.trustedCIDRs, _ = c.engine.prepareTrustedCIDRs()
 	resetContextForClientIPTests(c)

+	// unix address
+	addr := &net.UnixAddr{Net: "unix", Name: "@"}
+	c.Request = c.Request.WithContext(context.WithValue(c.Request.Context(), http.LocalAddrContextKey, addr))
+	c.Request.RemoteAddr = addr.String()
+	assert.Equal(t, "20.20.20.20", c.ClientIP())
+
+	// reset
+	c.Request = c.Request.WithContext(context.Background())
+	resetContextForClientIPTests(c)
+
 	// Legacy tests (validating that the defaults don't break the
 	// (insecure!) old behaviour)
 	assert.Equal(t, "20.20.20.20", c.ClientIP())
Author	SHA1	Message	Date
anfaas1618	9d6fd217f3	Merge 68ae08b048e21eb28e516e1d50d33dfa2f06d258 into b2b489dbf4826c2c630717a77fd5e42774625410	2026-01-18 14:22:35 +08:00
WeidiDeng	b2b489dbf4	chore(context): always trust xff headers from unix socket (#3359 ) Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>	2026-01-18 12:56:22 +08:00
anfaas1618	68ae08b048	Add comment for bodyAllowedForStatus to clarify 1xx response handling	2026-01-03 23:55:29 +05:30
anfaas1618	762433d85e	Use `http.StatusContinue` constant for clarity in status code comparison	2026-01-03 23:48:28 +05:30