
Commit 5e7797a

author
Rui Marinho
committed
Remove x-forwarded-* header support
This should be moved to the middleware layer instead, delegating `X-Forwarded-For` to `req.ip` and `X-Forwarded-Proto` to `req.secure`.
1 parent 9fe3ea6 commit 5e7797a


2 files changed

+8
-75
lines changed


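--- a/lib/parsers.js
+++ b/lib/parsers.js
@@ -88,9 +88,7 @@ module.exports.parseRequest = function parseRequest(req, kwargs) {
 // express: req.protocol
 // koa: req.protocol
 //
-var protocol = ('https' === req.protocol || true === req.secure || true === (req.socket || {}).encrypted ||
-('https' === (headers['x-forwarded-proto'] || '').split(/\s*,\s*/)[0])) ||
-('443' === headers['x-forwarded-port'] || '') ? 'https' : 'http';
+var protocol = ('https' === req.protocol || true === req.secure || true === (req.socket || {}).encrypted) ? 'https' : 'http';
 
 // url (including path and query string):
 //
@@ -133,7 +131,7 @@ module.exports.parseRequest = function parseRequest(req, kwargs) {
 // express: req.ip
 // koa: req.ip
 //
-var ip = req.ip || (headers['x-forwarded-for'] || '').split(/\s*,\s*/)[0] || (req.connection || {}).remoteAddress;
+var ip = req.ip || (req.connection || {}).remoteAddress;
 
 // http interface
 var http = {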
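Review bot: The `ip` and `protocol` assignments in parseRequest now depend entirely on the framework having resolved forwarded headers, but the surrounding comments (`// express: req.ip`, `// express: req.protocol`) do not say so. On a bare `http` server, or an Express/Koa app whose trusted-proxy setting is not enabled, events will carry the proxy's address and `http`. That is the safer default, since the removed code accepted the leftmost, client-supplied `X-Forwarded-For` entry, but it should be documented for deployments behind a proxy. I would add above the `ip` line a comment such as `// x-forwarded-* is not read here: behind a proxy, enable the framework's trusted-proxy option so req.ip / req.secure are correct`. parseRequest's body starts and ends outside these hunks.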

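--- a/test/raven.parsers.js
+++ b/test/raven.parsers.js
@@ -120,15 +120,15 @@ describe('raven.parsers', function(){
 });
 });
 
-describe('`https` detection', function() {
-it('should detect https via `req.secure`', function(){
+describe('`protocol` detection', function() {
+it('should detect protocol via `req.protocol`', function(){
 var mockReq = {
 method: 'GET',
 url: '/some/path?key=value',
 headers: {
 host: 'mattrobenolt.com',
 },
-secure: true,
+protocol: 'https',
 socket: {
 encrypted: false
 }
@@ -139,14 +139,14 @@ describe('raven.parsers', function(){
 parsed['sentry.interfaces.Http'].url.should.equal('https://mattrobenolt.com/some/path?key=value');
 });
 
-it('should detect https via `req.protocol`', function(){
+it('should detect protocol via `req.secure`', function(){
 var mockReq = {
 method: 'GET',
 url: '/some/path?key=value',
 headers: {
 host: 'mattrobenolt.com',
 },
-protocol: 'https',
+secure: true,
 socket: {
 encrypted: false
 }
@@ -157,7 +157,7 @@ describe('raven.parsers', function(){
 parsed['sentry.interfaces.Http'].url.should.equal('https://mattrobenolt.com/some/path?key=value');
 });
 
-it('should detect https via `req.socket.encrypted`', function(){
+it('should detect protocol via `req.socket.encrypted`', function(){
 var mockReq = {
 method: 'GET',
 url: '/some/path?key=value',
@@ -173,41 +173,6 @@ describe('raven.parsers', function(){
 
 parsed['sentry.interfaces.Http'].url.should.equal('https://mattrobenolt.com/some/path?key=value');
 });
-
-it('should detect https via `x-forwarded-proto`', function(){
-var mockReq = {
-method: 'GET',
-url: '/some/path?key=value',
-headers: {
-host: 'mattrobenolt.com',
-'x-forwarded-proto': 'https'
-},
-socket: {
-encrypted: false
-}
-};
-
-var parsed = raven.parsers.parseRequest(mockReq);
-
-parsed['sentry.interfaces.Http'].url.should.equal('https://mattrobenolt.com/some/path?key=value');
-});
-
-it('should detect https via `x-forwarded-port`', function(){
-var mockReq = {
-method: 'GET',
-url: '/some/path?key=value',
-headers: {
-host: 'mattrobenolt.com',
-'x-forwarded-port': '443'
-},
-socket: {
-encrypted: false
-}
-};
-
-var parsed = raven.parsers.parseRequest(mockReq);
-parsed['sentry.interfaces.Http'].url.should.equal('https://mattrobenolt.com/some/path?key=value');
-});
 });
 
 describe('`cookie` detection', function() {
@@ -339,36 +304,6 @@ describe('raven.parsers', function(){
 parsed['sentry.interfaces.Http'].env.REMOTE_ADDR.should.equal('69.69.69.69');
 });
 
-it('should detect ip via single hop `x-forwarded-for`', function(){
-var mockReq = {
-method: 'GET',
-url: '/some/path?key=value',
-headers: {
-host: 'mattrobenolt.com',
-'x-forwarded-for': '69.69.69.69'
-}
-};
-
-var parsed = raven.parsers.parseRequest(mockReq);
-
-parsed['sentry.interfaces.Http'].env.REMOTE_ADDR.should.equal('69.69.69.69');
-});
-
-it('should detect ip via multiple hops `x-forwarded-for`', function(){
-var mockReq = {
-method: 'GET',
-url: '/some/path?key=value',
-headers: {
-host: 'mattrobenolt.com',
-'x-forwarded-for': '1.2.3.4, 5.6.7.8, 69.69.69.69'
-}
-};
-
-var parsed = raven.parsers.parseRequest(mockReq);
-
-parsed['sentry.interfaces.Http'].env.REMOTE_ADDR.should.equal('1.2.3.4');
-});
-
 it('should detect ip via `req.connection.remoteAddress`', function(){
 var mockReq = {
 method: 'GET',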
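Review bot: The `x-forwarded-proto`, `x-forwarded-port` and `x-forwarded-for` cases are deleted without a replacement asserting that these headers are now ignored, so a later change could reintroduce header trust without any test failing. I would add negative cases alongside the remaining ones. A request carrying `x-forwarded-proto: https` with `socket.encrypted: false` should yield an `http://` URL, and one carrying `x-forwarded-for` should still report `req.connection.remoteAddress`. The mock values below reuse the ones already in this file.

```javascript
it('should ignore `x-forwarded-proto` when the request itself is not secure', function(){
  var mockReq = {
    method: 'GET',
    url: '/some/path?key=value',
    headers: {
      host: 'mattrobenolt.com',
      'x-forwarded-proto': 'https'
    },
    socket: {
      encrypted: false
    }
  };

  var parsed = raven.parsers.parseRequest(mockReq);

  parsed['sentry.interfaces.Http'].url.should.equal('http://mattrobenolt.com/some/path?key=value');
});

it('should ignore `x-forwarded-for` and use `req.connection.remoteAddress`', function(){
  var mockReq = {
    method: 'GET',
    url: '/some/path?key=value',
    headers: {
      host: 'mattrobenolt.com',
      'x-forwarded-for': '1.2.3.4'
    },
    connection: {
      remoteAddress: '69.69.69.69'
    }
  };

  var parsed = raven.parsers.parseRequest(mockReq);

  parsed['sentry.interfaces.Http'].env.REMOTE_ADDR.should.equal('69.69.69.69');
});
```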
