diff --git a/server/src/uds/core/util/Config.py b/server/src/uds/core/util/Config.py index 4a2ba4249..3b493e556 100644 --- a/server/src/uds/core/util/Config.py +++ b/server/src/uds/core/util/Config.py @@ -282,6 +282,9 @@ class GlobalConfig(object): # Allow clients to notify their own ip (if set), or use always the request extracted IP HONOR_CLIENT_IP_NOTIFY = Config.section(SECURITY_SECTION).value('honorClientNotifyIP', '0', type=Config.BOOLEAN_FIELD) + # If there is a proxy in front of us + BEHIND_PROXY = Config.section(SECURITY_SECTION).value('Behind a proxy', '0', type=Config.BOOLEAN_FIELD) + # Clusters related vars # Maximum desired CPU Load. If cpu is over this value, a migration of a service is "desirable" diff --git a/server/src/uds/core/util/request.py b/server/src/uds/core/util/request.py index 80b27a8a0..3e4a8e897 100644 --- a/server/src/uds/core/util/request.py +++ b/server/src/uds/core/util/request.py @@ -90,6 +90,7 @@ class GlobalRequestMiddleware(object): Returns the obtained IP, that is always be a valid ip address. ''' + behind_proxy = GlobalConfig.BEHIND_PROXY.getBool(False) try: request.ip = request.META['REMOTE_ADDR'] except: @@ -98,6 +99,11 @@ class GlobalRequestMiddleware(object): try: request.ip_proxy = request.META['HTTP_X_FORWARDED_FOR'].split(",")[0] + + if behind_proxy is True: + request.ip = request.ip_proxy + request.ip_proxy = request.META['HTTP_X_FORWARDED_FOR'].split(",")[1] # Try to get next proxy + request.is_proxy = True except: request.ip_proxy = request.ip