Do not trust X-Real-IP header by default

Use the -H option to whitelist the header to trust for the remote IP address. This
is useful when a reverse proxy is used in front of ipd.
Martin Polden
2016-04-17 15:52:06 +02:00
parent 270ffec441
commit 3134de8260
4 changed files with 32 additions and 14 deletions


@ -24,8 +24,9 @@ var USER_AGENT_RE = regexp.MustCompile(
type API struct {
Template string
IPHeader string
oracle Oracle
ipFromRequest func(*http.Request) (net.IP, error)
ipFromRequest func(string, *http.Request) (net.IP, error)
}
type Response struct {
@ -48,8 +49,8 @@ func New(oracle Oracle) *API {
}
}
func ipFromRequest(r *http.Request) (net.IP, error) {
remoteIP := r.Header.Get("X-Real-IP")
func ipFromRequest(header string, r *http.Request) (net.IP, error) {
remoteIP := r.Header.Get(header)
if remoteIP == "" {
host, _, err := net.SplitHostPort(r.RemoteAddr)
if err != nil {
@ -65,7 +66,7 @@ func ipFromRequest(r *http.Request) (net.IP, error) {
}
func (a *API) newResponse(r *http.Request) (Response, error) {
ip, err := a.ipFromRequest(r)
ip, err := a.ipFromRequest(a.IPHeader, r)
if err != nil {
return Response{}, err
}
@ -90,7 +91,7 @@ func (a *API) newResponse(r *http.Request) (Response, error) {
}
func (a *API) CLIHandler(w http.ResponseWriter, r *http.Request) *appError {
ip, err := a.ipFromRequest(r)
ip, err := a.ipFromRequest(a.IPHeader, r)
if err != nil {
return internalServerError(err)
}
@ -139,7 +140,7 @@ func (a *API) PortHandler(w http.ResponseWriter, r *http.Request) *appError {
if port < 1 || port > 65355 {
return badRequest(nil).WithMessage("Invalid port: " + vars["port"]).AsJSON()
}
ip, err := a.ipFromRequest(r)
ip, err := a.ipFromRequest(a.IPHeader, r)
if err != nil {
return internalServerError(err).AsJSON()
}
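Review bot: In ipFromRequest (the hunk at -48,8 +49,8), `r.Header.Get(header)` accepts the configured header from whoever sent the request, so once -H is set, a client that reaches ipd without passing through the reverse proxy can choose the address it is reported as. The trust is only sound when the proxy overwrites that header on every request and ipd is not reachable directly, and nothing in the new code or on the new exported field says so. I would document it on the field, e.g. `// IPHeader names the request header trusted to carry the client IP; set it only when all traffic arrives through a proxy that overwrites it.`, and consider honouring the header only when `r.RemoteAddr` belongs to the proxy. The rest of ipFromRequest lies outside the hunk, so how a header value holding several addresses (X-Forwarded-For style) is parsed cannot be seen here and is worth checking.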