From d6d879133e67aa967d849a0b73ddde25ddd4bb54 Mon Sep 17 00:00:00 2001 From: Remilia Da Costa Faro Date: Fri, 21 Mar 2025 20:39:34 +0100 Subject: Allow filtering by remote addresses (#52) * Added the possibility to define rules for remote addresses * Added change in changelog * Added check for X-Real-Ip and X-Forwarded-For when checking for remote address filtering * cmd/anubis: refine IP filtering logic * Optimize the configuration so that the IP trie is created once at application start instead of dynamically being created every request. * Document the changes in the changelog and docs site. * Allow pure IP range filtering. * Allow user agent based IP range filtering. * Allow path based IP range filtering. * Create --debug-x-real-ip-default flag for testing Anubis locally without a HTTP load balancer. --------- Co-authored-by: Xe Iaso --- internal/headers.go | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'internal') diff --git a/internal/headers.go b/internal/headers.go index 47aa2cc..1de845d 100644 --- a/internal/headers.go +++ b/internal/headers.go @@ -1,6 +1,7 @@ package internal import ( + "log/slog" "net/http" "github.com/TecharoHQ/anubis" @@ -8,13 +9,27 @@ import ( // UnchangingCache sets the Cache-Control header to cache a response for 1 year if // and only if the application is compiled in "release" mode by Docker. -func UnchangingCache(h http.Handler) http.Handler { +func UnchangingCache(next http.Handler) http.Handler { if anubis.Version == "devel" { - return h + return next } return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Cache-Control", "public, max-age=31536000") - h.ServeHTTP(w, r) + next.ServeHTTP(w, r) + }) +} + +// DefaultXRealIP sets the X-Real-Ip header to the given value if and only if +// it is not an empty string. +func DefaultXRealIP(defaultIP string, next http.Handler) http.Handler { + if defaultIP == "" { + slog.Debug("skipping middleware, defaultIP is empty") + return next + } + + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + r.Header.Set("X-Real-Ip", defaultIP) + next.ServeHTTP(w, r) }) } -- cgit v1.2.3