prosody
22f783d80eec
plugins/mod_http.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

plugins/mod_http.lua @ 10841:22f783d80eec

mod_http: Tell luacheck to ignore the long comment lines
author Kim Alvefur <zash@zash.se>
date Thu, 14 May 2020 16:55:01 +0200
parent 10840:a83bfb266b15
child 10923:dff1aebd0f2b
comparison
equal deleted inserted replaced
10840:a83bfb266b15 10841:22f783d80eec
206 206
207 local function get_ip_from_request(request) 207 local function get_ip_from_request(request)
208 local ip = request.conn:ip(); 208 local ip = request.conn:ip();
209 local forwarded_for = request.headers.x_forwarded_for; 209 local forwarded_for = request.headers.x_forwarded_for;
210 if forwarded_for then 210 if forwarded_for then
211 -- luacheck: ignore 631
211 -- This logic looks weird at first, but it makes sense. 212 -- This logic looks weird at first, but it makes sense.
212 -- The for loop will take the last non-trusted-proxy IP from `forwarded_for`. 213 -- The for loop will take the last non-trusted-proxy IP from `forwarded_for`.
213 -- We append the original request IP to the header. Then, since the last IP wins, there are two cases: 214 -- We append the original request IP to the header. Then, since the last IP wins, there are two cases:
214 -- Case a) The original request IP is *not* in trusted proxies, in which case the X-Forwarded-For header will, effectively, be ineffective; the original request IP will win because it overrides any other IP in the header. 215 -- Case a) The original request IP is *not* in trusted proxies, in which case the X-Forwarded-For header will, effectively, be ineffective; the original request IP will win because it overrides any other IP in the header.
215 -- Case b) The original request IP is in trusted proxies. In that case, the if branch in the for loop will skip the last IP, causing it to be ignored. The second-to-last IP will be taken instead. 216 -- Case b) The original request IP is in trusted proxies. In that case, the if branch in the for loop will skip the last IP, causing it to be ignored. The second-to-last IP will be taken instead.