slawek/ok-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: strip port from X-Forwarded-For header to get real IP

Browse Source
This commit is contained in:
Sławek Koszewski
2026-05-09 20:38:50 +02:00
parent bbdf82441e
commit 543480b34f
2 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ok-server.mjs
+7 -1
View File
@@ -221,7 +221,13 @@ function makeBodyAndType(req, clientIp, defaultLook) {
const xHeaders = collectXHeaders(req);
const { proxyHeadersBlock, proxyHeadersHtml } = proxyMarkup(xHeaders);
const xff = (req.headers["x-forwarded-for"] || "").split(",")[0].trim();
let xff = (req.headers["x-forwarded-for"] || "").split(",")[0].trim();
// strip port: [::1]:port -> ::1, 1.2.3.4:port -> 1.2.3.4
if (xff.startsWith("[")) {
xff = xff.slice(1, xff.includes("]") ? xff.indexOf("]") : xff.length);
} else if ((xff.match(/:/g) || []).length === 1) {
xff = xff.split(":")[0];
}
let ipText, ipHtml;
if (xff) {
ipText = `${xff} (forwarded by proxy ${clientIp})`;