Skip to content

Commit

Permalink
add x-real-ip head check
Browse files Browse the repository at this point in the history
  • Loading branch information
jackcj committed Nov 19, 2019
1 parent 1993c31 commit 79aa8b3
Showing 1 changed file with 10 additions and 2 deletions.
12 changes: 10 additions & 2 deletions webssh/handler.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -286,6 +286,12 @@ def get_real_client_addr(self):

return (ip, port)

def get_x_real_ip(self):
ip = self.request.headers.get('X-Real-Ip')
if len(ip) == 0:
ip = self.request.headers.get('X-Forwarded-For', '')
return ip


class NotFoundHandler(MixinHandler, tornado.web.ErrorHandler):

Expand Down Expand Up @@ -484,10 +490,12 @@ def post(self):

ip, port = self.get_client_addr()
workers = clients.get(ip, {})
logging.info('Client>>>> on {}:{} now time {}'.format(ip, port,now))

x_real_ip = self.get_x_real_ip()
client_ip = self.get_value("ip")
if client_ip != ip:

logging.info('Client>>>> on {}:{} now time {}'.format(x_real_ip, port,now))
if client_ip != x_real_ip:
raise tornado.web.HTTPError(403, 'IP in blacklist.')


Expand Down

0 comments on commit 79aa8b3

Please sign in to comment.