Software / code / prosody
Changeset
8594:b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 15 Mar 2018 17:22:49 +0100 |
| parents | 8593:c4222e36333c |
| children | 8595:d3bbff01df9d |
| files | plugins/mod_bosh.lua plugins/mod_http.lua |
| diffstat | 2 files changed, 26 insertions(+), 17 deletions(-) [+] |
line wrap: on
line diff
--- a/plugins/mod_bosh.lua Sun Mar 11 06:01:19 2018 +0100 +++ b/plugins/mod_bosh.lua Thu Mar 15 17:22:49 2018 +0100 @@ -46,22 +46,6 @@ if cross_domain == true then cross_domain = "*"; end if type(cross_domain) == "table" then cross_domain = table.concat(cross_domain, ", "); end -local trusted_proxies = module:get_option_set("trusted_proxies", { "127.0.0.1", "::1" })._items; - -local function get_ip_from_request(request) - local ip = request.conn:ip(); - local forwarded_for = request.headers.x_forwarded_for; - if forwarded_for then - forwarded_for = forwarded_for..", "..ip; - for forwarded_ip in forwarded_for:gmatch("[^%s,]+") do - if not trusted_proxies[forwarded_ip] then - ip = forwarded_ip; - end - end - end - return ip; -end - local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat; -- All sessions, and sessions that have no requests open @@ -307,7 +291,7 @@ requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, close = bosh_close_stream, dispatch_stanza = core_process_stanza, notopen = true, log = logger.init("bosh"..sid), secure = consider_bosh_secure or request.secure, - ip = get_ip_from_request(request); + ip = request.ip; }; sessions[sid] = session;
--- a/plugins/mod_http.lua Sun Mar 11 06:01:19 2018 +0100 +++ b/plugins/mod_http.lua Thu Mar 15 17:22:49 2018 +0100 @@ -150,6 +150,31 @@ end end +local trusted_proxies = module:get_option_set("trusted_proxies", { "127.0.0.1", "::1" })._items; + +local function get_ip_from_request(request) + local ip = request.conn:ip(); + local forwarded_for = request.headers.x_forwarded_for; + if forwarded_for then + forwarded_for = forwarded_for..", "..ip; + for forwarded_ip in forwarded_for:gmatch("[^%s,]+") do + if not trusted_proxies[forwarded_ip] then + ip = forwarded_ip; + end + end + end + return ip; +end + +module:wrap_object_event(server, false, function (handlers, event_name, event_data) + local request = event_data.request; + if request then + -- Not included in eg http-error events + request.ip = get_ip_from_request(request); + end + return handlers(event_name, event_data); +end); + module:provides("net", { name = "http"; listener = server.listener;
