Skip to content

Commit b0a7af3

Browse files
committed
Fixed incorrect parsing of the HTTP X-Forwarded-For header when the --ip-header commandline option is used in server mode.
We should not assume that the X-Forwarded-For header (and synonyms) contain only the client's IP address. The header can contain a comma-separated list that also includes proxies in the chain. See the following: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-For
1 parent ff0c02e commit b0a7af3

1 file changed

Lines changed: 6 additions & 3 deletions

File tree

llamafile/server/client.cpp

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -213,12 +213,15 @@ Client::transport()
213213
if (is_loopback_ip(client_ip_) || client_ip_trusted_) {
214214
std::string_view ip_header = get_header(FLAG_ip_header);
215215
if (!ip_header.empty()) {
216-
long ip;
217-
if ((ip = parse_ip(ip_header)) == -1) {
216+
// Extract the first IP (before any commas)
217+
size_t comma = ip_header.find(',');
218+
std::string_view first_ip = ip_header.substr(0, comma);
219+
long ip = parse_ip(first_ip);
220+
if (ip != -1) {
218221
effective_ip_ = ip;
219222
effective_ip_trusted_ = is_trusted_ip(ip);
220223
} else {
221-
SLOG("client's --ip-header wasn't a single ipv4 address");
224+
SLOG("client's --ip-header didn't start with a valid IPv4 address: ", ip_header);
222225
effective_ip_trusted_ = false;
223226
}
224227
}

0 commit comments

Comments
 (0)