mirror of
https://github.com/d47081/qBittorrent.git
synced 2025-01-14 16:57:55 +00:00
parent
851374e517
commit
109c45bb95
@ -42,7 +42,6 @@
|
||||
#include <QUrl>
|
||||
|
||||
#include "base/algorithm.h"
|
||||
#include "base/global.h"
|
||||
#include "base/http/httperror.h"
|
||||
#include "base/logger.h"
|
||||
#include "base/preferences.h"
|
||||
@ -402,15 +401,29 @@ void WebApplication::configure()
|
||||
m_isReverseProxySupportEnabled = pref->isWebUIReverseProxySupportEnabled();
|
||||
if (m_isReverseProxySupportEnabled)
|
||||
{
|
||||
m_trustedReverseProxyList.clear();
|
||||
|
||||
const QStringList proxyList = pref->getWebUITrustedReverseProxiesList().split(u';', Qt::SkipEmptyParts);
|
||||
|
||||
for (const QString &proxy : proxyList)
|
||||
m_trustedReverseProxyList.clear();
|
||||
m_trustedReverseProxyList.reserve(proxyList.size());
|
||||
|
||||
for (QString proxy : proxyList)
|
||||
{
|
||||
QHostAddress ip;
|
||||
if (ip.setAddress(proxy))
|
||||
m_trustedReverseProxyList.push_back(ip);
|
||||
if (!proxy.contains(u'/'))
|
||||
{
|
||||
const QAbstractSocket::NetworkLayerProtocol protocol = QHostAddress(proxy).protocol();
|
||||
if (protocol == QAbstractSocket::IPv4Protocol)
|
||||
{
|
||||
proxy.append(u"/32");
|
||||
}
|
||||
else if (protocol == QAbstractSocket::IPv6Protocol)
|
||||
{
|
||||
proxy.append(u"/128");
|
||||
}
|
||||
}
|
||||
|
||||
const std::optional<Utils::Net::Subnet> subnet = Utils::Net::parseSubnet(proxy);
|
||||
if (subnet)
|
||||
m_trustedReverseProxyList.push_back(subnet.value());
|
||||
}
|
||||
|
||||
if (m_trustedReverseProxyList.isEmpty())
|
||||
@ -728,7 +741,7 @@ QHostAddress WebApplication::resolveClientAddress() const
|
||||
return m_env.clientAddress;
|
||||
|
||||
// Only reverse proxy can overwrite client address
|
||||
if (!m_trustedReverseProxyList.contains(m_env.clientAddress))
|
||||
if (!Utils::Net::isIPInSubnets(m_env.clientAddress, m_trustedReverseProxyList))
|
||||
return m_env.clientAddress;
|
||||
|
||||
const QString forwardedFor = m_request.headers.value(Http::HEADER_X_FORWARDED_FOR);
|
||||
|
@ -34,11 +34,13 @@
|
||||
#include <QDateTime>
|
||||
#include <QElapsedTimer>
|
||||
#include <QHash>
|
||||
#include <QHostAddress>
|
||||
#include <QMap>
|
||||
#include <QObject>
|
||||
#include <QRegularExpression>
|
||||
#include <QSet>
|
||||
#include <QTranslator>
|
||||
#include <QVector>
|
||||
|
||||
#include "base/applicationcomponent.h"
|
||||
#include "base/global.h"
|
||||
@ -233,7 +235,7 @@ private:
|
||||
|
||||
// Reverse proxy
|
||||
bool m_isReverseProxySupportEnabled;
|
||||
QVector<QHostAddress> m_trustedReverseProxyList;
|
||||
QVector<Utils::Net::Subnet> m_trustedReverseProxyList;
|
||||
QHostAddress m_clientAddress;
|
||||
|
||||
QVector<Http::Header> m_prebuiltHeaders;
|
||||
|
Loading…
Reference in New Issue
Block a user