I've been working through troubleshooting template requests via a
smart-proxy without a token present.
The request is from the client IP, which gets masked by the proxy on
forward, but when I reviewed the code I noticed that the proxy inserts an
X-Forwarded-For header, which foreman's unattended_controller looks at and
is supposed to honour.
However, I can't make sense of the following code:
def ip_from_request_env
ip = request.env['REMOTE_ADDR']
# check if someone is asking on behalf of another system (load balance
etc)
if request.env['HTTP_X_FORWARDED_FOR'].present? and (ip =~
Regexp.new(Setting[:remote_addr]))
ip = request.env['HTTP_X_FORWARDED_FOR']
end
ip
end
In my environment, foreman is running behind passenger, and the remote_addr
setting is 127.0.0.1.
When a request comes from a smart-proxy, the Regexp.new check fails, and
'ip' never gets set to the X-Forwarded-For IP, it retains the proxy's
source IP, which fails to render.
If I change the code to:
if request.env['HTTP_X_FORWARDED_FOR'].present?
everything works as I expect it to.
Am I missing something here, or is the code not quite right?
--
You received this message because you are subscribed to the Google Groups
"foreman-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
