Skip to content

refactor and fix reverse proxy IP fetch routines

anarcat requested to merge cleanup-mr135 into main

The plan is to extract the logic so that we can log IP addresses in failed requests in #117.

In doing so, I found a flaw in how the rate limiter worked that allowed an attacker to inject fake IP addresses in the X-Forwarded-For header, allowing rate limiting bypass or denial of service of arbitrary addresses as well. That should be fixed.

The request of logging originating IP addresses (#117) is not actually fixed here, because while trying to address that I realized that where we're logging those failures is in the webhook callbacks, and there the request client is not the user, but the payment processor.

So we somehow need to either keep track of the client IP address to restore it when we get that webhook response (ewww) or take that IP address from the webhook data in the first place.

I'm less familiar with that part of the process, so I'll again defer that to later code.

Splitting that code up in a different function still feels useful though, because now we have it unit-tested.

Edited by anarcat

Merge request reports

Loading