diff options
author | Ben Bangert <ben@groovie.org> | 2015-01-17 10:38:37 -0800 |
---|---|---|
committer | Ben Bangert <ben@groovie.org> | 2015-01-17 10:38:37 -0800 |
commit | 9fe1e17a0b4a53b915c56ef440ed4f2f47400c88 (patch) | |
tree | 6a8422f555dcaee6b5a2e5bd43a070cd89a74349 | |
parent | 93470a86317342d2298ad393c5993b2ec07348ad (diff) | |
download | routes-9fe1e17a0b4a53b915c56ef440ed4f2f47400c88.tar.gz |
* Use the first X_FORWARDED_FOR value if there are multiple proxies in the
path. Fixes #5.
-rw-r--r-- | CHANGELOG.rst | 2 | ||||
-rw-r--r-- | routes/__init__.py | 5 | ||||
-rw-r--r-- | routes/util.py | 4 |
3 files changed, 8 insertions, 3 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 98b82d9..5606bce 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,8 @@ Release 2.1 (**dev**) ===================== * Extract Route creation into separate method in Mapper. Subclasses of Route can be created by Mappers now. +* Use the first X_FORWARDED_FOR value if there are multiple proxies in the + path. Fixes #5. Release 2.0 (November 17, 2013) =============================== diff --git a/routes/__init__.py b/routes/__init__.py index ae9a21b..76c19fa 100644 --- a/routes/__init__.py +++ b/routes/__init__.py @@ -60,7 +60,10 @@ class _RequestConfig(object): pass if 'HTTP_X_FORWARDED_HOST' in environ: - self.__shared_state.host = environ['HTTP_X_FORWARDED_HOST'] + # Apache will add multiple comma separated values to + # X-Forwarded-Host if there are multiple reverse proxies + self.__shared_state.host = \ + environ['HTTP_X_FORWARDED_HOST'].split(', ', 1)[0] elif 'HTTP_HOST' in environ: self.__shared_state.host = environ['HTTP_HOST'] else: diff --git a/routes/util.py b/routes/util.py index 738d002..5b3fae1 100644 --- a/routes/util.py +++ b/routes/util.py @@ -460,12 +460,12 @@ def cache_hostinfo(environ): """ hostinfo = {} if environ.get('HTTPS') or environ.get('wsgi.url_scheme') == 'https' \ - or environ.get('HTTP_X_FORWARDED_PROTO') == 'https': + or 'https' in environ.get('HTTP_X_FORWARDED_PROTO', "").split(', '): hostinfo['protocol'] = 'https' else: hostinfo['protocol'] = 'http' if environ.get('HTTP_X_FORWARDED_HOST'): - hostinfo['host'] = environ['HTTP_X_FORWARDED_HOST'] + hostinfo['host'] = environ['HTTP_X_FORWARDED_HOST'].split(', ', 1)[0] elif environ.get('HTTP_HOST'): hostinfo['host'] = environ['HTTP_HOST'] else: |