Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2025-05-03 13:48:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

feat: Enhance host extraction from headers (#2292)

Browse source 
- Refactor SUBController subs and subJsons methods to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host if unavailable.
- Update html function to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host if unavailable.
- Update DomainValidatorMiddleware to first attempt to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host.

Fixes: #2284

Signed-off-by: Ahmad Thoriq Najahi <najahi@zephyrus.id>
This commit is contained in:
Ahmad Thoriq Najahi 2024-05-24 04:51:19 +07:00 committed by GitHub
parent 5ec16301a6
commit d070a82b3d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 46 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
sub/subController.go
View file

@ -54,7 +54,18 @@ func (a *SUBController) initRouter(g *gin.RouterGroup) {
func (a *SUBController) subs(c *gin.Context) { func (a *SUBController) subs(c *gin.Context) {
subId := c.Param("subid") subId := c.Param("subid")
host, _, _ := net.SplitHostPort(c.Request.Host) host := c.GetHeader("X-Forwarded-Host")
if host == "" {
host = c.GetHeader("X-Real-IP")
}
if host == "" {
var err error
host, _, err = net.SplitHostPort(c.Request.Host)
if err != nil {
host = c.Request.Host
}
}
host = host
subs, header, err := a.subService.GetSubs(subId, host) subs, header, err := a.subService.GetSubs(subId, host)
if err != nil || len(subs) == 0 { if err != nil || len(subs) == 0 {
c.String(400, "Error!") c.String(400, "Error!")
@ -79,7 +90,18 @@ func (a *SUBController) subs(c *gin.Context) {
func (a *SUBController) subJsons(c *gin.Context) { func (a *SUBController) subJsons(c *gin.Context) {
subId := c.Param("subid") subId := c.Param("subid")
host, _, _ := net.SplitHostPort(c.Request.Host) host := c.GetHeader("X-Forwarded-Host")
if host == "" {
host = c.GetHeader("X-Real-IP")
}
if host == "" {
var err error
host, _, err = net.SplitHostPort(c.Request.Host)
if err != nil {
host = c.Request.Host
}
}
host = host
jsonSub, header, err := a.subJsonService.GetJson(subId, host) jsonSub, header, err := a.subJsonService.GetJson(subId, host)
if err != nil || len(jsonSub) == 0 { if err != nil || len(jsonSub) == 0 {
c.String(400, "Error!") c.String(400, "Error!")

13
web/controller/util.go
View file

@ -64,7 +64,18 @@ func html(c *gin.Context, name string, title string, data gin.H) {
data = gin.H{} data = gin.H{}
} }
data["title"] = title data["title"] = title
data["host"], _, _ = net.SplitHostPort(c.Request.Host) host := c.GetHeader("X-Forwarded-Host")
if host == "" {
host = c.GetHeader("X-Real-IP")
}
if host == "" {
var err error
host, _, err = net.SplitHostPort(c.Request.Host)
if err != nil {
host = c.Request.Host
}
}
data["host"] = host
data["request_uri"] = c.Request.RequestURI data["request_uri"] = c.Request.RequestURI
data["base_path"] = c.GetString("base_path") data["base_path"] = c.GetString("base_path")
c.HTML(http.StatusOK, name, getContext(data)) c.HTML(http.StatusOK, name, getContext(data))

8
web/middleware/domainValidator.go
View file

@ -9,13 +9,17 @@ import (
func DomainValidatorMiddleware(domain string) gin.HandlerFunc { func DomainValidatorMiddleware(domain string) gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
host := c.GetHeader("X-Forwarded-Host")
if host == "" {
host = c.GetHeader("X-Real-IP")
}
if host == "" {
host, _, _ := net.SplitHostPort(c.Request.Host) host, _, _ := net.SplitHostPort(c.Request.Host)
if host != domain { if host != domain {
c.AbortWithStatus(http.StatusForbidden) c.AbortWithStatus(http.StatusForbidden)
return return
} }
c.Next() c.Next()
} }
} }
}