logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git
commit: d0eca5b12518b0b98ef53003d60b08a78decf35f
parent b90eda3d8bfa1faf5bdabce9539b601476abed94
Author: feld <feld@feld.me>
Date:   Wed,  7 Oct 2020 19:16:53 +0000

Apply 2 suggestion(s) to 2 file(s)

Diffstat:

Mlib/pleroma/plugs/remote_ip.ex2+-
Mtest/plugs/remote_ip_test.exs13+++++++++++++
2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/lib/pleroma/plugs/remote_ip.ex b/lib/pleroma/plugs/remote_ip.ex @@ -43,6 +43,6 @@ defmodule Pleroma.Plugs.RemoteIp do InetCidr.v6?(InetCidr.parse_address!(proxy)) -> proxy <> "/128" end - InetCidr.parse(proxy) + InetCidr.parse(proxy, true) end end diff --git a/test/plugs/remote_ip_test.exs b/test/plugs/remote_ip_test.exs @@ -92,5 +92,18 @@ defmodule Pleroma.Plugs.RemoteIpTest do |> RemoteIp.call(nil) assert conn.remote_ip == {1, 1, 1, 1} + + test "proxies set `nonsensical` CIDR" do + Pleroma.Config.put([RemoteIp, :reserved], ["127.0.0.0/8"]) + Pleroma.Config.put([RemoteIp, :proxies], ["10.0.0.3/24"]) + + conn = + conn(:get, "/") + |> put_req_header("x-forwarded-for", "10.0.0.3, 1.1.1.1") + |> RemoteIp.call(nil) + + assert conn.remote_ip == {1, 1, 1, 1} + end + end end