sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-04-18 16:26:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Set forwarded headers from trusted proxies only

Browse Source
This commit is contained in:
Viktor Liu
2026-02-08 17:31:10 +08:00
parent 5190923c70
commit ed58659a01
12 changed files with 608 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
proxy/internal/accesslog/middleware.go
View File

@@ -24,14 +24,15 @@ func (l *Logger) Middleware(next http.Handler) http.Handler {
status: http.StatusOK,
}
// Get the source IP before passing the request on as the proxy will modify
// headers that we wish to use to gather that information on the request.
sourceIp := extractSourceIP(r)
// Resolve the source IP using trusted proxy configuration before passing
// the request on, as the proxy will modify forwarding headers.
sourceIp := extractSourceIP(r, l.trustedProxies)
// Create a mutable struct to capture data from downstream handlers.
// We pass a pointer in the context - the pointer itself flows down immutably,
// but the struct it points to can be mutated by inner handlers.
capturedData := &proxy.CapturedData{RequestID: requestID}
capturedData.SetClientIP(sourceIp)
ctx := proxy.WithCapturedData(r.Context(), capturedData)
start := time.Now()