Apply 2 suggestion(s) to 2 file(s)

author: feld <feld@feld.me> 2020-10-07 19:16:53 +0000
committer: feld <feld@feld.me> 2020-10-07 19:16:53 +0000
commit: d0eca5b12518b0b98ef53003d60b08a78decf35f (patch)
tree: ea6733f1e50ce2d4b5fc97227e0d5654a2addb42
parent: b90eda3d8bfa1faf5bdabce9539b601476abed94 (diff)
2 files changed, 14 insertions, 1 deletions
diff --git a/lib/pleroma/plugs/remote_ip.ex b/lib/pleroma/plugs/remote_ip.ex
index 51cc87ad8..987022156 100644
--- a/lib/pleroma/plugs/remote_ip.ex
+++ b/lib/pleroma/plugs/remote_ip.ex
@@ -43,6 +43,6 @@ defmodule Pleroma.Plugs.RemoteIp do
         InetCidr.v6?(InetCidr.parse_address!(proxy)) -> proxy <> "/128"
       end
 
-    InetCidr.parse(proxy)
+    InetCidr.parse(proxy, true)
   end
 end
diff --git a/test/plugs/remote_ip_test.exs b/test/plugs/remote_ip_test.exs
index 849c7fc3d..2da9f616b 100644
--- a/test/plugs/remote_ip_test.exs
+++ b/test/plugs/remote_ip_test.exs
@@ -92,5 +92,18 @@ defmodule Pleroma.Plugs.RemoteIpTest do
       |> RemoteIp.call(nil)
 
     assert conn.remote_ip == {1, 1, 1, 1}
+
+  test "proxies set `nonsensical` CIDR" do
+    Pleroma.Config.put([RemoteIp, :reserved], ["127.0.0.0/8"])
+    Pleroma.Config.put([RemoteIp, :proxies], ["10.0.0.3/24"])
+
+    conn =
+      conn(:get, "/")
+      |> put_req_header("x-forwarded-for", "10.0.0.3, 1.1.1.1")
+      |> RemoteIp.call(nil)
+
+    assert conn.remote_ip == {1, 1, 1, 1}
+  end
+
   end
 end
author	feld <feld@feld.me>	2020-10-07 19:16:53 +0000
committer	feld <feld@feld.me>	2020-10-07 19:16:53 +0000
commit	d0eca5b12518b0b98ef53003d60b08a78decf35f (patch)
tree	ea6733f1e50ce2d4b5fc97227e0d5654a2addb42
parent	b90eda3d8bfa1faf5bdabce9539b601476abed94 (diff)