# HG changeset patch # User Kim Alvefur # Date 1521130969 -3600 # Node ID b4a0bc46c82ddb835c984228332ebe2488392f9e # Parent c4222e36333c37e1e21f12165dbf417772b72cf7 mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540) diff -r c4222e36333c -r b4a0bc46c82d plugins/mod_bosh.lua --- a/plugins/mod_bosh.lua Sun Mar 11 06:01:19 2018 +0100 +++ b/plugins/mod_bosh.lua Thu Mar 15 17:22:49 2018 +0100 @@ -46,22 +46,6 @@ if cross_domain == true then cross_domain = "*"; end if type(cross_domain) == "table" then cross_domain = table.concat(cross_domain, ", "); end -local trusted_proxies = module:get_option_set("trusted_proxies", { "127.0.0.1", "::1" })._items; - -local function get_ip_from_request(request) - local ip = request.conn:ip(); - local forwarded_for = request.headers.x_forwarded_for; - if forwarded_for then - forwarded_for = forwarded_for..", "..ip; - for forwarded_ip in forwarded_for:gmatch("[^%s,]+") do - if not trusted_proxies[forwarded_ip] then - ip = forwarded_ip; - end - end - end - return ip; -end - local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat; -- All sessions, and sessions that have no requests open @@ -307,7 +291,7 @@ requests = { }, send_buffer = {}, reset_stream = bosh_reset_stream, close = bosh_close_stream, dispatch_stanza = core_process_stanza, notopen = true, log = logger.init("bosh"..sid), secure = consider_bosh_secure or request.secure, - ip = get_ip_from_request(request); + ip = request.ip; }; sessions[sid] = session; diff -r c4222e36333c -r b4a0bc46c82d plugins/mod_http.lua --- a/plugins/mod_http.lua Sun Mar 11 06:01:19 2018 +0100 +++ b/plugins/mod_http.lua Thu Mar 15 17:22:49 2018 +0100 @@ -150,6 +150,31 @@ end end +local trusted_proxies = module:get_option_set("trusted_proxies", { "127.0.0.1", "::1" })._items; + +local function get_ip_from_request(request) + local ip = request.conn:ip(); + local forwarded_for = request.headers.x_forwarded_for; + if forwarded_for then + forwarded_for = forwarded_for..", "..ip; + for forwarded_ip in forwarded_for:gmatch("[^%s,]+") do + if not trusted_proxies[forwarded_ip] then + ip = forwarded_ip; + end + end + end + return ip; +end + +module:wrap_object_event(server, false, function (handlers, event_name, event_data) + local request = event_data.request; + if request then + -- Not included in eg http-error events + request.ip = get_ip_from_request(request); + end + return handlers(event_name, event_data); +end); + module:provides("net", { name = "http"; listener = server.listener;