AZEN-SGG/Kavita
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Ensure the remote Ip address is correct behind RP for Security middleware.

Browse source
This commit is contained in:
Joseph Milazzo 2025-05-10 11:49:56 -05:00
parent c7d8c78c10
commit 7a2227d64a
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
API/Middleware/SecurityMiddleware.cs
View file

@ -1,5 +1,6 @@
using System; using System;
using System.IO; using System.IO;
using System.Linq;
using System.Net; using System.Net;
using System.Text.Json; using System.Text.Json;
using System.Threading.Tasks; using System.Threading.Tasks;
@ -26,7 +27,7 @@ public class SecurityEventMiddleware(RequestDelegate next)
} }
catch (KavitaUnauthenticatedUserException ex) catch (KavitaUnauthenticatedUserException ex)
{ {
var ipAddress = context.Connection.RemoteIpAddress?.ToString(); var ipAddress = context.Request.Headers["X-Forwarded-For"].FirstOrDefault() ?? context.Connection.RemoteIpAddress?.ToString());
var requestMethod = context.Request.Method; var requestMethod = context.Request.Method;
var requestPath = context.Request.Path; var requestPath = context.Request.Path;
var userAgent = context.Request.Headers.UserAgent; var userAgent = context.Request.Headers.UserAgent;