mirror of
https://github.com/dkmstr/openuds.git
synced 2024-12-22 13:34:04 +03:00
Now, trusted sources is also to identify a valid origin for a X_FORWARDED_FOR...
To be tested!
This commit is contained in:
parent
01353528dd
commit
8234becde2
@ -616,7 +616,7 @@ class GlobalConfig:
|
||||
'Trusted Hosts',
|
||||
'*',
|
||||
type=Config.FieldType.TEXT,
|
||||
help=_('Networks considered "trusted" for tunnel requests'),
|
||||
help=_('Networks considered "trusted" for UDS (Tunnels, Load Balancers, etc...)'),
|
||||
)
|
||||
|
||||
# Allow clients to notify their own ip (if set), or use always the request extracted IP
|
||||
|
@ -39,6 +39,7 @@ from uds.core.util import os_detector as OsDetector
|
||||
from uds.core.util.config import GlobalConfig
|
||||
from uds.core import consts, types
|
||||
from uds.core.auths.auth import (
|
||||
is_trusted_source,
|
||||
root_user,
|
||||
web_logout,
|
||||
)
|
||||
@ -91,7 +92,7 @@ def _fill_ips(request: 'ExtendedHttpRequest') -> None:
|
||||
# request.ip = PROXY3
|
||||
# request.ip_proxy = PROXY2
|
||||
|
||||
if behind_proxy:
|
||||
if behind_proxy and is_trusted_source(request.ip):
|
||||
request.ip = request.ip_proxy
|
||||
request.ip_proxy = proxies[1] if len(proxies) > 1 else request.ip
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user