Mirrors/stash
1
0
Fork 0
mirror of https://github.com/stashapp/stash.git synced 2025-12-17 12:24:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix setting config locking out proxy users (#1820)

Browse Source
This commit is contained in:
kermieisinthehouse
2021-10-09 23:54:15 +00:00
committed by GitHub
parent fb5f9162d0
commit 04ca11e62e
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/session/authentication.go
View File

@@ -36,7 +36,7 @@ func CheckAllowPublicWithoutAuth(c *config.Instance, r *http.Request) error {
trustedProxies := c.GetTrustedProxies() trustedProxies := c.GetTrustedProxies()
proxyChain := strings.Split(r.Header.Get("X-FORWARDED-FOR"), ", ") proxyChain := strings.Split(r.Header.Get("X-FORWARDED-FOR"), ", ")
if trustedProxies == nil { if len(trustedProxies) == 0 {
// validate proxies against local network only // validate proxies against local network only
if !isLocalIP(requestIP) { if !isLocalIP(requestIP) {
return ExternalAccessError(requestIP) return ExternalAccessError(requestIP)
@@ -98,6 +98,9 @@ func isLocalIP(requestIP net.IP) bool {
} }
func isIPTrustedProxy(ip net.IP, trustedProxies []string) bool { func isIPTrustedProxy(ip net.IP, trustedProxies []string) bool {
if len(trustedProxies) == 0 {
return isLocalIP(ip)
}
for _, v := range trustedProxies { for _, v := range trustedProxies {
if ip.Equal(net.ParseIP(v)) { if ip.Equal(net.ParseIP(v)) {
return true return true