1
1
mirror of https://github.com/aelve/guide.git synced 2024-12-26 22:34:42 +03:00

Parse the X-Forwarded-For request header

guide.aelve.com currently runs behind Apache (as reverse proxy), which
means that all client addresses seem to be 127.0.0.0. This fixes that.
This commit is contained in:
Artyom 2016-04-08 23:28:54 +03:00
parent b9af03f55e
commit f8c5f5c6b7
2 changed files with 21 additions and 2 deletions

View File

@ -73,6 +73,10 @@ If you want the status page to be available as well, write:
(Note that it will only be available at `/status/`, not `/status`.)
Enable the `remoteip` module (this is needed so that the `/admin` page would display actual IPs instead of `127.0.0.1`):
$ a2enmod remoteip
Enable the site:
$ a2ensite guide

View File

@ -34,7 +34,7 @@ import Web.Spock hiding (head, get, text)
import qualified Web.Spock as Spock
import Web.Spock.Lucid
import Lucid
import Network.Wai.Middleware.Static
import Network.Wai.Middleware.Static (staticPolicy, addBase)
import qualified Network.HTTP.Types.Status as HTTP
import qualified Network.Wai as Wai
-- Feeds
@ -125,7 +125,22 @@ addEdit :: (MonadIO m, HasSpock (ActionCtxT ctx m),
=> Edit -> ActionCtxT ctx m ()
addEdit ed = do
time <- liftIO $ getCurrentTime
ip <- sockAddrToIP . Wai.remoteHost <$> Spock.request
mbForwardedFor <- liftA2 (<|>) (Spock.header "Forwarded-For")
(Spock.header "X-Forwarded-For")
ip <- case mbForwardedFor of
Nothing -> sockAddrToIP . Wai.remoteHost <$> Spock.request
Just ff -> return (read (T.unpack ip))
where
addr = T.strip . snd . T.breakOnEnd "," $ ff
ip -- [IPv6]:port
| T.take 1 addr == "[" =
T.drop 1 (T.takeWhile (/= ']') addr)
-- IPv4 or IPv4:port
| T.any (== '.') addr =
T.takeWhile (/= ':') addr
-- IPv6 without port
| otherwise =
addr
unless (isVacuousEdit ed) $
dbUpdate (RegisterEdit ed ip time)