[ADD] functionality to read "x-forwarded-for" and "x-real-ip" headers when handling a request (!329)
I'm currently hosting the Project Fika Docker on a dedicated Server to have the Server up 24/7 without the need to let my PC run. When hosting this as a docker container behind traefik (reverse proxy), the logger currently logs the internal IP of the traefik container. This change makes it so that the headers that traefik/nginx can set are actually read and used. If these headers are not present, we fall back to the original method of using the `socket.remoteAdress`. Since this is for logging only, the security implications are minimal. Co-authored-by: Vincent Niehues <vincent.niehues@zeitag.ch> Reviewed-on: https://dev.sp-tarkov.com/SPT-AKI/Server/pulls/329 Co-authored-by: vniehues <vniehues@noreply.dev.sp-tarkov.com> Co-committed-by: vniehues <vniehues@noreply.dev.sp-tarkov.com>
This commit is contained in:
parent
9323db5b1c
commit
3e68297016
@ -79,9 +79,14 @@ export class HttpServer
|
||||
const sessionId = this.getCookies(req).PHPSESSID;
|
||||
this.applicationContext.addValue(ContextVariableType.SESSION_ID, sessionId);
|
||||
|
||||
// Extract headers for original IP detection
|
||||
const realIp = req.headers["x-real-ip"] as string;
|
||||
const forwardedFor = req.headers["x-forwarded-for"] as string;
|
||||
const clientIp = realIp || (forwardedFor ? forwardedFor.split(",")[0].trim() : req.socket.remoteAddress);
|
||||
|
||||
if (this.httpConfig.logRequests)
|
||||
{
|
||||
const isLocalRequest = this.isLocalRequest(req.socket.remoteAddress);
|
||||
const isLocalRequest = this.isLocalRequest(clientIp);
|
||||
if (typeof isLocalRequest !== "undefined")
|
||||
{
|
||||
if (isLocalRequest)
|
||||
@ -91,7 +96,7 @@ export class HttpServer
|
||||
else
|
||||
{
|
||||
this.logger.info(this.localisationService.getText("client_request_ip", {
|
||||
ip: req.socket.remoteAddress,
|
||||
ip: clientIp,
|
||||
url: req.url.replaceAll("/", "\\"), // Localisation service escapes `/` into hex code `/`
|
||||
}));
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user