X-Forwarded-For results from the CPAN

App-MHFS
view release on metacpan or search on metacpan
lib/MHFS/HTTP/Server/Client/Request.pm view on Meta::CPAN

            $self->{'path'} = \%pathStruct;
            $self->{'qs'} = \%qsStruct;
            $self->{'on_read_ready'} = \&want_headers;
            #return want_headers($self);
            goto &want_headers;
        }
        else {
            say "X-MHFS-CONN-ID: " . $self->{'outheaders'}{'X-MHFS-CONN-ID'} . ' Invalid Request line, closing conn';
            return undef;
        }
    }
    elsif(length($self->{'client'}{'inbuf'}) > MAX_REQUEST_SIZE) {
        say "X-MHFS-CONN-ID: " . $self->{'outheaders'}{'X-MHFS-CONN-ID'} . ' No Request line, closing conn';
        return undef;
    }
    return 1;
}

sub want_headers {
    my ($self) = @_;
    my $ipos;
    while($ipos = index($self->{'client'}{'inbuf'}, "\r\n")) {
        if($ipos == -1) {
            if(length($self->{'client'}{'inbuf'}) > MAX_REQUEST_SIZE) {
                say "X-MHFS-CONN-ID: " . $self->{'outheaders'}{'X-MHFS-CONN-ID'} . ' Headers too big, closing conn';
                return undef;
            }
            return 1;
        }
        elsif(substr($self->{'client'}{'inbuf'}, 0, $ipos+2, '') =~ /^(([^:]+):\s*(.*))\r\n/) {
            say "RECV: $1";
            $self->{'header'}{$2} = $3;
        }
        else {
            say "X-MHFS-CONN-ID: " . $self->{'outheaders'}{'X-MHFS-CONN-ID'} . ' Invalid header, closing conn';
            return undef;
        }
    }
    # when $ipos is 0 we recieved the end of the headers: \r\n\r\n

    # verify correct host is specified when required
    if($self->{'client'}{'serverhostname'}) {
        if((! $self->{'header'}{'Host'}) ||
        ($self->{'header'}{'Host'} ne $self->{'client'}{'serverhostname'})) {
            my $printhostname = $self->{'header'}{'Host'} // '';
            say "Host: $printhostname does not match ". $self->{'client'}{'serverhostname'};
            return undef;
        }
    }

    $self->{'ip'} = $self->{'client'}{'ip'};

    # check if we're trusted (we can trust the headers such as from reverse proxy)
    my $trusted;
    if($self->{'client'}{'X-MHFS-PROXY-KEY'} && $self->{'header'}{'X-MHFS-PROXY-KEY'}) {
        $trusted = $self->{'client'}{'X-MHFS-PROXY-KEY'} eq $self->{'header'}{'X-MHFS-PROXY-KEY'};
    }
    # drops conns for naughty client's using forbidden headers
    if(!$trusted) {
        my @absolutelyforbidden = ('X-MHFS-PROXY-KEY', 'X-Forwarded-For');
        foreach my $forbidden (@absolutelyforbidden) {
            if( exists $self->{'header'}{$forbidden}) {
                say "header $forbidden is forbidden!";
                return undef;
            }
        }
    }
    # process reverse proxy headers
    else {
        delete $self->{'header'}{'X-MHFS-PROXY-KEY'};
        try { $self->{'ip'} = parse_ipv4($self->{'header'}{'X-Forwarded-For'}) if($self->{'header'}{'X-Forwarded-For'}); }
        catch ($e) { say "ip not updated, unable to parse X-Forwarded-For: " . $self->{'header'}{'X-Forwarded-For'}; }
    }
    my $netmap = $self->{'client'}{'server'}{'settings'}{'NETMAP'};
    if($netmap && (($self->{'ip'} >> 24) == $netmap->[0])) {
        say "HACK for netmap converting to local ip";
        $self->{'ip'} = ($self->{'ip'} & 0xFFFFFF) | ($netmap->[1] << 24);
    }

    # remove the final \r\n
    substr($self->{'client'}{'inbuf'}, 0, 2, '');
    if((defined $self->{'header'}{'Range'}) &&  ($self->{'header'}{'Range'} =~ /^bytes=([0-9]+)\-([0-9]*)$/)) {
        $self->{'header'}{'_RangeStart'} = $1;
        $self->{'header'}{'_RangeEnd'} = ($2 ne  '') ? $2 : undef;
    }
    $self->{'on_read_ready'} = undef;
    $self->{'client'}->SetEvents(MHFS::EventLoop::Poll->ALWAYSMASK );
    $self->{'client'}->KillClientCloseTimer($self->{'recvrequesttimerid'});
    $self->{'recvrequesttimerid'} = undef;

    # finally handle the request
    foreach my $route (@{$self->{'client'}{'server'}{'routes'}}) {
        if($self->{'path'}{'unsafecollapse'} eq $route->[0]) {
            $route->[1]($self);
            return 1;
        }
        else {
            # wildcard ending
            next if(index($route->[0], '*', length($route->[0])-1) == -1);
            next if(rindex($self->{'path'}{'unsafecollapse'}, substr($route->[0], 0, -1), 0) != 0);
            $route->[1]($self);
            return 1;
        }
    }
    $self->{'client'}{'server'}{'route_default'}($self);
    return 1;
}

# unfortunately the absolute url of the server is required for stuff like m3u playlist generation
sub getAbsoluteURL {
    my ($self) = @_;
    return $self->{'client'}{'absurl'} // (defined($self->{'header'}{'Host'}) ? 'http://'.$self->{'header'}{'Host'} : undef);
}

sub _ReqDataLength {
    my ($self, $datalength) = @_;
    $datalength //= 99999999999;
    my $end =  $self->{'header'}{'_RangeEnd'} // ($datalength-1);
    my $dl = $end+1;
    say "_ReqDataLength returning: $dl";
    return $dl;
}

sub _SendResponse {
    my ($self, $fileitem) = @_;
    if(Encode::is_utf8($fileitem->{'buf'})) {
        warn "_SendResponse: UTF8 flag is set, turning off";
        Encode::_utf8_off($fileitem->{'buf'});
    }
    if($self->{'outheaders'}{'Transfer-Encoding'} && ($self->{'outheaders'}{'Transfer-Encoding'} eq 'chunked')) {
        say "chunked response";
        $fileitem->{'is_chunked'} = 1;
( run in 0.595 second using v1.01-cache-2.11-cpan-39bf76dae61 )