1
0
mirror of https://github.com/dkmstr/openuds.git synced 2024-12-22 13:34:04 +03:00

Now, trusted sources is also to identify a valid origin for a X_FORWARDED_FOR...

To be tested!
This commit is contained in:
Adolfo Gómez García 2024-08-19 04:03:24 +02:00
parent 01353528dd
commit 8234becde2
No known key found for this signature in database
GPG Key ID: DD1ABF20724CDA23
2 changed files with 3 additions and 2 deletions

View File

@ -616,7 +616,7 @@ class GlobalConfig:
'Trusted Hosts',
'*',
type=Config.FieldType.TEXT,
help=_('Networks considered "trusted" for tunnel requests'),
help=_('Networks considered "trusted" for UDS (Tunnels, Load Balancers, etc...)'),
)
# Allow clients to notify their own ip (if set), or use always the request extracted IP

View File

@ -39,6 +39,7 @@ from uds.core.util import os_detector as OsDetector
from uds.core.util.config import GlobalConfig
from uds.core import consts, types
from uds.core.auths.auth import (
is_trusted_source,
root_user,
web_logout,
)
@ -91,7 +92,7 @@ def _fill_ips(request: 'ExtendedHttpRequest') -> None:
# request.ip = PROXY3
# request.ip_proxy = PROXY2
if behind_proxy:
if behind_proxy and is_trusted_source(request.ip):
request.ip = request.ip_proxy
request.ip_proxy = proxies[1] if len(proxies) > 1 else request.ip