diff --git a/server/src/uds/core/util/Config.py b/server/src/uds/core/util/Config.py index 4a2ba4249..3b493e556 100644 --- a/server/src/uds/core/util/Config.py +++ b/server/src/uds/core/util/Config.py @@ -282,6 +282,9 @@ class GlobalConfig(object): # Allow clients to notify their own ip (if set), or use always the request extracted IP HONOR_CLIENT_IP_NOTIFY = Config.section(SECURITY_SECTION).value('honorClientNotifyIP', '0', type=Config.BOOLEAN_FIELD) + # If there is a proxy in front of us + BEHIND_PROXY = Config.section(SECURITY_SECTION).value('Behind a proxy', '0', type=Config.BOOLEAN_FIELD) + # Clusters related vars # Maximum desired CPU Load. If cpu is over this value, a migration of a service is "desirable" diff --git a/server/src/uds/core/util/request.py b/server/src/uds/core/util/request.py index 80b27a8a0..7d25a1dc7 100644 --- a/server/src/uds/core/util/request.py +++ b/server/src/uds/core/util/request.py @@ -33,12 +33,13 @@ from __future__ import unicode_literals from uds.core.util import OsDetector from uds.core.auths.auth import ROOT_ID, USER_KEY, getRootUser +from uds.core.util.Config import GlobalConfig from uds.models import User import threading import logging -__updated__ = '2016-04-06' +__updated__ = '2016-04-22' logger = logging.getLogger(__name__) @@ -90,6 +91,7 @@ class GlobalRequestMiddleware(object): Returns the obtained IP, that is always be a valid ip address. ''' + behind_proxy = GlobalConfig.BEHIND_PROXY.getBool(False) try: request.ip = request.META['REMOTE_ADDR'] except: @@ -98,6 +100,11 @@ class GlobalRequestMiddleware(object): try: request.ip_proxy = request.META['HTTP_X_FORWARDED_FOR'].split(",")[0] + + if behind_proxy is True: + request.ip = request.ip_proxy + request.ip_proxy = request.META['HTTP_X_FORWARDED_FOR'].split(",")[1] # Try to get next proxy + request.is_proxy = True except: request.ip_proxy = request.ip