|
@ -6,6 +6,7 @@ import ( |
|
|
"net" |
|
|
"net" |
|
|
"net/http" |
|
|
"net/http" |
|
|
"regexp" |
|
|
"regexp" |
|
|
|
|
|
"strings" |
|
|
|
|
|
|
|
|
"github.com/chrislusf/seaweedfs/go/glog" |
|
|
"github.com/chrislusf/seaweedfs/go/glog" |
|
|
) |
|
|
) |
|
@ -81,12 +82,26 @@ func (g *Guard) Secure(f func(w http.ResponseWriter, r *http.Request)) func(w ht |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func GetActualRemoteHost(r *http.Request) (host string, err error) { |
|
|
|
|
|
host = r.Header.Get("HTTP_X_FORWARDED_FOR") |
|
|
|
|
|
if host == "" { |
|
|
|
|
|
host = r.Header.Get("X-FORWARDED-FOR") |
|
|
|
|
|
} |
|
|
|
|
|
if strings.Contains(host, ",") { |
|
|
|
|
|
host = host[0:strings.Index(host, ",")] |
|
|
|
|
|
} |
|
|
|
|
|
if host == "" { |
|
|
|
|
|
host, _, err = net.SplitHostPort(r.RemoteAddr) |
|
|
|
|
|
} |
|
|
|
|
|
return |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
func (g *Guard) checkWhiteList(w http.ResponseWriter, r *http.Request) error { |
|
|
func (g *Guard) checkWhiteList(w http.ResponseWriter, r *http.Request) error { |
|
|
if len(g.whiteList) == 0 { |
|
|
if len(g.whiteList) == 0 { |
|
|
return nil |
|
|
return nil |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
host, _, err := net.SplitHostPort(r.RemoteAddr) |
|
|
|
|
|
|
|
|
host, err := GetActualRemoteHost(r) |
|
|
if err == nil { |
|
|
if err == nil { |
|
|
for _, ip := range g.whiteList { |
|
|
for _, ip := range g.whiteList { |
|
|
|
|
|
|
|
|