470486104/Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[ADD] functionality to read "x-forwarded-for" and "x-real-ip" headers when handling a request (!329)

Browse Source 
I'm currently hosting the Project Fika Docker on a dedicated Server to have the Server up 24/7 without the need to let my PC run.
When hosting this as a docker container behind traefik (reverse proxy), the logger currently logs the internal IP of the traefik container.
This change makes it so that the headers that traefik/nginx can set are actually read and used. If these headers are not present, we fall back to the original method of using the `socket.remoteAdress`.
Since this is for logging only, the security implications are minimal.

Co-authored-by: Vincent Niehues <vincent.niehues@zeitag.ch>
Reviewed-on: https://dev.sp-tarkov.com/SPT-AKI/Server/pulls/329
Co-authored-by: vniehues <vniehues@noreply.dev.sp-tarkov.com>
Co-committed-by: vniehues <vniehues@noreply.dev.sp-tarkov.com>
This commit is contained in:
vniehues 2024-05-12 13:56:03 +00:00 committed by chomp
parent 9323db5b1c
commit 3e68297016
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
project/src/servers/HttpServer.ts
View File

@ -79,9 +79,14 @@ export class HttpServer
const sessionId = this.getCookies(req).PHPSESSID; const sessionId = this.getCookies(req).PHPSESSID;
this.applicationContext.addValue(ContextVariableType.SESSION_ID, sessionId); this.applicationContext.addValue(ContextVariableType.SESSION_ID, sessionId);
// Extract headers for original IP detection
const realIp = req.headers["x-real-ip"] as string;
const forwardedFor = req.headers["x-forwarded-for"] as string;
const clientIp = realIp || (forwardedFor ? forwardedFor.split(",")[0].trim() : req.socket.remoteAddress);
if (this.httpConfig.logRequests) if (this.httpConfig.logRequests)
{ {
const isLocalRequest = this.isLocalRequest(req.socket.remoteAddress); const isLocalRequest = this.isLocalRequest(clientIp);
if (typeof isLocalRequest !== "undefined") if (typeof isLocalRequest !== "undefined")
{ {
if (isLocalRequest) if (isLocalRequest)
@ -91,7 +96,7 @@ export class HttpServer
else else
{ {
this.logger.info(this.localisationService.getText("client_request_ip", { this.logger.info(this.localisationService.getText("client_request_ip", {
ip: req.socket.remoteAddress, ip: clientIp,
url: req.url.replaceAll("/", "\\"), // Localisation service escapes `/` into hex code `&#x2f;` url: req.url.replaceAll("/", "\\"), // Localisation service escapes `/` into hex code `&#x2f;`
})); }));
} }