prosody
61cf3e7d7f07
plugins/mod_bosh.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

plugins/mod_bosh.lua @ 3472:61cf3e7d7f07

mod_bosh: Support for reading the client's real IP through HTTP proxies from X-Forwarded-For
author Matthew Wild <mwild1@gmail.com>
date Sat, 28 Aug 2010 22:25:12 +0100
parent 3460:742f6e5a4066
child 3492:6d782b1fcc8a
comparison
equal deleted inserted replaced
3471:482275e38224 3472:61cf3e7d7f07
51 cross_domain = table.concat(cross_domain, ", "); 51 cross_domain = table.concat(cross_domain, ", ");
52 end 52 end
53 if type(cross_domain) == "string" then 53 if type(cross_domain) == "string" then
54 default_headers["Access-Control-Allow-Origin"] = cross_domain; 54 default_headers["Access-Control-Allow-Origin"] = cross_domain;
55 end 55 end
56 end
57
58 local trusted_proxies = module:get_option_set("trusted_proxies", {"127.0.0.1"})._items;
59
60 local function get_ip_from_request(request)
61 local ip = request.handler:ip();
62 local forwarded_for = request.headers["x-forwarded-for"];
63 if forwarded_for then
64 forwarded_for = forwarded_for..", "..ip;
65 for forwarded_ip in forwarded_for:gmatch("[^%s,]+") do
66 if not trusted_proxies[forwarded_ip] then
67 ip = forwarded_ip;
68 end
69 end
70 end
71 return ip;
56 end 72 end
57 73
58 local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat; 74 local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat;
59 local os_time = os.time; 75 local os_time = os.time;
60 76
214 type = "c2s_unauthed", conn = {}, sid = sid, rid = tonumber(attr.rid), host = attr.to, 230 type = "c2s_unauthed", conn = {}, sid = sid, rid = tonumber(attr.rid), host = attr.to,
215 bosh_version = attr.ver, bosh_wait = attr.wait, streamid = sid, 231 bosh_version = attr.ver, bosh_wait = attr.wait, streamid = sid,
216 bosh_hold = BOSH_DEFAULT_HOLD, bosh_max_inactive = BOSH_DEFAULT_INACTIVITY, 232 bosh_hold = BOSH_DEFAULT_HOLD, bosh_max_inactive = BOSH_DEFAULT_INACTIVITY,
217 requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, 233 requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream,
218 close = bosh_close_stream, dispatch_stanza = core_process_stanza, 234 close = bosh_close_stream, dispatch_stanza = core_process_stanza,
219 log = logger.init("bosh"..sid), secure = consider_bosh_secure or request.secure 235 log = logger.init("bosh"..sid), secure = consider_bosh_secure or request.secure,
236 ip = get_ip_from_request(request);
220 }; 237 };
221 sessions[sid] = session; 238 sessions[sid] = session;
222 239
240 session.log("debug", "BOSH session created for request from %s", session.ip);
223 log("info", "New BOSH session, assigned it sid '%s'", sid); 241 log("info", "New BOSH session, assigned it sid '%s'", sid);
224 local r, send_buffer = session.requests, session.send_buffer; 242 local r, send_buffer = session.requests, session.send_buffer;
225 local response = { headers = default_headers } 243 local response = { headers = default_headers }
226 function session.send(s) 244 function session.send(s)
227 -- We need to ensure that outgoing stanzas have the jabber:client xmlns 245 -- We need to ensure that outgoing stanzas have the jabber:client xmlns
322 local session = sessions[request.sid]; 340 local session = sessions[request.sid];
323 if session then 341 if session then
324 if stanza.attr.xmlns == xmlns_bosh then 342 if stanza.attr.xmlns == xmlns_bosh then
325 stanza.attr.xmlns = nil; 343 stanza.attr.xmlns = nil;
326 end 344 end
327 session.ip = request.handler:ip();
328 core_process_stanza(session, stanza); 345 core_process_stanza(session, stanza);
329 end 346 end
330 end 347 end
331 348
332 function stream_callbacks.error(request, error) 349 function stream_callbacks.error(request, error)