TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-01-10 12:24:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: correctly get x-forwarded-for for browser info in events (#9149)

Browse Source 
# Which Problems Are Solved

Events like "password check succeeded" store some information about the
caller including their IP.
The `X-Forwarded-For` was not correctly logged, but instead the
RemoteAddress.

# How the Problems Are Solved

- Correctly get the `X-Forwarded-For` in canonical form.

# Additional Changes

None

# Additional Context

closes [#9106](https://github.com/zitadel/zitadel/issues/9106)
This commit is contained in:
Livio Spring 2025-01-08 10:30:12 +01:00 committed by GitHub
parent db8d794794
commit c966446f80
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
internal/api/http/header.go
View File

@ -108,14 +108,8 @@ func GetOrgID(r *http.Request) string {
} }
func GetForwardedFor(headers http.Header) (string, bool) { func GetForwardedFor(headers http.Header) (string, bool) {
forwarded, ok := headers[ForwardedFor] forwarded := strings.Split(headers.Get(ForwardedFor), ",")[0]
if ok { return forwarded, forwarded != ""
ip := strings.TrimSpace(strings.Split(forwarded[0], ",")[0])
if ip != "" {
return ip, true
}
}
return "", false
} }
func RemoteAddrFromCtx(ctx context.Context) string { func RemoteAddrFromCtx(ctx context.Context) string {