mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2025-05-27 23:08:10 +02:00
Allow parsing remote address headers over unix sockets
When listening to a unix socket there is no RemoteAddr for http.Request. Instead of setting nil, Go sets it to '@'. Marking the IP as trusted if RemoteAddr allows rest of the settings for parsing remote address in headers to be applied. Signed-off-by: Josef Johansson <josef@oderland.se>
This commit is contained in:
parent
e00c7a7edd
commit
bc8e7162db
@ -606,7 +606,9 @@ func (p *OAuthProxy) isAPIPath(req *http.Request) bool {
|
||||
|
||||
// isTrustedIP is used to check if a request comes from a trusted client IP address.
|
||||
func (p *OAuthProxy) isTrustedIP(req *http.Request) bool {
|
||||
if p.trustedIPs == nil {
|
||||
// RemoteAddr @ means unix socket
|
||||
// https://github.com/golang/go/blob/0fa53e41f122b1661d0678a6d36d71b7b5ad031d/src/syscall/syscall_linux.go#L506-L511
|
||||
if p.trustedIPs == nil && req.RemoteAddr != "@" {
|
||||
return false
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user