[tor-commits] [meek/master] Set a Meek-IP header with the client IP in the App Engine reflector.
dcf at torproject.org
dcf at torproject.org
Sun Dec 20 20:09:35 UTC 2015
commit 90307dba62d6dba25c19d199de8df28d9144d9b8
Author: David Fifield <david at bamsoftware.com>
Date: Mon Dec 14 01:44:06 2015 -0800
Set a Meek-IP header with the client IP in the App Engine reflector.
This is a replacement for X-Forwarded-For because App Engine doesn't
allow to set X-Forwarded-For, and doesn't set any equivalent header by
default.
https://trac.torproject.org/projects/tor/ticket/13171#comment:7
---
appengine/reflect.go | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/appengine/reflect.go b/appengine/reflect.go
index 44596b9..93ac5d1 100644
--- a/appengine/reflect.go
+++ b/appengine/reflect.go
@@ -5,6 +5,7 @@ package reflect
import (
"io"
"net/http"
+ "net"
"net/url"
"time"
@@ -40,6 +41,17 @@ var reflectedHeaderFields = []string{
"X-Session-Id",
}
+// Get the original client IP address as a string. When using the standard
+// net/http server, Request.RemoteAddr is a "host:port" string; however App
+// Engine seems to use just "host". We check for both to be safe.
+func getClientAddr(r *http.Request) string {
+ host, _, err := net.SplitHostPort(r.RemoteAddr)
+ if err == nil {
+ return host
+ }
+ return r.RemoteAddr
+}
+
// Make a copy of r, with the URL being changed to be relative to forwardURL,
// and including only the headers in reflectedHeaderFields.
func copyRequest(r *http.Request) (*http.Request, error) {
@@ -60,6 +72,12 @@ func copyRequest(r *http.Request) (*http.Request, error) {
c.Header.Add(key, value)
}
}
+ // Set the original client IP address in a Meek-IP header. We would use
+ // X-Forwarded-For, but App Engine prohibits setting that header:
+ // https://cloud.google.com/appengine/docs/go/urlfetch/#Go_Request_headers
+ // We could use Forwarded from RFC 7239, but other CDNs already use
+ // X-Forwarded-For and this way we only need one parser.
+ c.Header.Add("Meek-IP", getClientAddr(r))
return c, nil
}
More information about the tor-commits
mailing list