mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)

author: Kim Alvefur <zash@zash.se> 2018-03-15 17:22:49 +0100
committer: Kim Alvefur <zash@zash.se> 2018-03-15 17:22:49 +0100
commit: 4cdc813fed0cd2dfa6c3c9954650d581b9b90ee3 (patch)
tree: 347ac5acccc29008853044f7066673341fc1e7b6 /plugins/mod_http.lua
parent: cdd71f28aca6e776e54f7518069122b5dd637bf0 (diff)
download: prosody-4cdc813fed0cd2dfa6c3c9954650d581b9b90ee3.tar.gz
prosody-4cdc813fed0cd2dfa6c3c9954650d581b9b90ee3.zip
1 files changed, 25 insertions, 0 deletions
diff --git a/plugins/mod_http.lua b/plugins/mod_http.lua
index ab7990f0..e6cbfc78 100644
--- a/plugins/mod_http.lua
+++ b/plugins/mod_http.lua
@@ -150,6 +150,31 @@ function module.add_host(module)
 	end
 end
 
+local trusted_proxies = module:get_option_set("trusted_proxies", { "127.0.0.1", "::1" })._items;
+
+local function get_ip_from_request(request)
+	local ip = request.conn:ip();
+	local forwarded_for = request.headers.x_forwarded_for;
+	if forwarded_for then
+		forwarded_for = forwarded_for..", "..ip;
+		for forwarded_ip in forwarded_for:gmatch("[^%s,]+") do
+			if not trusted_proxies[forwarded_ip] then
+				ip = forwarded_ip;
+			end
+		end
+	end
+	return ip;
+end
+
+module:wrap_object_event(server, false, function (handlers, event_name, event_data)
+	local request = event_data.request;
+	if request then
+		-- Not included in eg http-error events
+		request.ip = get_ip_from_request(request);
+	end
+	return handlers(event_name, event_data);
+end);
+
 module:provides("net", {
 	name = "http";
 	listener = server.listener;
author	Kim Alvefur <zash@zash.se>	2018-03-15 17:22:49 +0100
committer	Kim Alvefur <zash@zash.se>	2018-03-15 17:22:49 +0100
commit	4cdc813fed0cd2dfa6c3c9954650d581b9b90ee3 (patch)
tree	347ac5acccc29008853044f7066673341fc1e7b6 /plugins/mod_http.lua
parent	cdd71f28aca6e776e54f7518069122b5dd637bf0 (diff)
download	prosody-4cdc813fed0cd2dfa6c3c9954650d581b9b90ee3.tar.gz prosody-4cdc813fed0cd2dfa6c3c9954650d581b9b90ee3.zip