From 02680d224a76732edd36b5335d127cb683c8cffd Mon Sep 17 00:00:00 2001 From: LittleSheep Date: Sat, 6 Sep 2025 22:15:27 +0800 Subject: [PATCH] :bug: Fix known proxies --- .../Startup/ApplicationConfiguration.cs | 25 +---------- DysonNetwork.Gateway/Program.cs | 6 +-- .../Startup/ApplicationConfiguration.cs | 25 +---------- .../Startup/ApplicationConfiguration.cs | 32 +------------ .../Http/KnownProxiesConfiguration.cs | 45 +++++++++++++++++++ .../Startup/ApplicationConfiguration.cs | 27 +---------- 6 files changed, 55 insertions(+), 105 deletions(-) create mode 100644 DysonNetwork.Shared/Http/KnownProxiesConfiguration.cs diff --git a/DysonNetwork.Develop/Startup/ApplicationConfiguration.cs b/DysonNetwork.Develop/Startup/ApplicationConfiguration.cs index 6ba95fd..18d5533 100644 --- a/DysonNetwork.Develop/Startup/ApplicationConfiguration.cs +++ b/DysonNetwork.Develop/Startup/ApplicationConfiguration.cs @@ -1,6 +1,7 @@ using System.Net; using DysonNetwork.Develop.Identity; using DysonNetwork.Shared.Auth; +using DysonNetwork.Shared.Http; using Microsoft.AspNetCore.HttpOverrides; using Prometheus; @@ -18,7 +19,7 @@ public static class ApplicationConfiguration app.UseRequestLocalization(); - ConfigureForwardedHeaders(app, configuration); + app.ConfigureForwardedHeaders(configuration); app.UseAuthentication(); app.UseAuthorization(); @@ -30,26 +31,4 @@ public static class ApplicationConfiguration return app; } - - private static void ConfigureForwardedHeaders(WebApplication app, IConfiguration configuration) - { - var knownProxiesSection = configuration.GetSection("KnownProxies"); - var forwardedHeadersOptions = new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.All }; - - if (knownProxiesSection.Exists()) - { - var proxyAddresses = knownProxiesSection.Get(); - if (proxyAddresses != null) - foreach (var proxy in proxyAddresses) - if (IPAddress.TryParse(proxy, out var ipAddress)) - forwardedHeadersOptions.KnownProxies.Add(ipAddress); - } - else - { - forwardedHeadersOptions.KnownProxies.Add(IPAddress.Any); - forwardedHeadersOptions.KnownProxies.Add(IPAddress.IPv6Any); - } - - app.UseForwardedHeaders(forwardedHeadersOptions); - } } diff --git a/DysonNetwork.Gateway/Program.cs b/DysonNetwork.Gateway/Program.cs index 522491a..7c981ea 100644 --- a/DysonNetwork.Gateway/Program.cs +++ b/DysonNetwork.Gateway/Program.cs @@ -1,4 +1,5 @@ using DysonNetwork.Gateway.Startup; +using DysonNetwork.Shared.Http; using Microsoft.AspNetCore.HttpOverrides; var builder = WebApplication.CreateBuilder(args); @@ -17,10 +18,7 @@ builder.Services.AddControllers(); var app = builder.Build(); -app.UseForwardedHeaders(new ForwardedHeadersOptions -{ - ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto -}); +app.ConfigureForwardedHeaders(app.Configuration); app.UseRequestTimeouts(); app.UseCors(opts => diff --git a/DysonNetwork.Pass/Startup/ApplicationConfiguration.cs b/DysonNetwork.Pass/Startup/ApplicationConfiguration.cs index 2e4ca59..dd85cef 100644 --- a/DysonNetwork.Pass/Startup/ApplicationConfiguration.cs +++ b/DysonNetwork.Pass/Startup/ApplicationConfiguration.cs @@ -5,6 +5,7 @@ using DysonNetwork.Pass.Credit; using DysonNetwork.Pass.Leveling; using DysonNetwork.Pass.Permission; using DysonNetwork.Pass.Wallet; +using DysonNetwork.Shared.Http; using Microsoft.AspNetCore.HttpOverrides; using Microsoft.Extensions.FileProviders; using Prometheus; @@ -23,7 +24,7 @@ public static class ApplicationConfiguration app.UseRequestLocalization(); - ConfigureForwardedHeaders(app, configuration); + app.ConfigureForwardedHeaders(configuration); app.UseCors(opts => opts.SetIsOriginAllowed(_ => true) @@ -51,28 +52,6 @@ public static class ApplicationConfiguration return app; } - private static void ConfigureForwardedHeaders(WebApplication app, IConfiguration configuration) - { - var knownProxiesSection = configuration.GetSection("KnownProxies"); - var forwardedHeadersOptions = new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.All }; - - if (knownProxiesSection.Exists()) - { - var proxyAddresses = knownProxiesSection.Get(); - if (proxyAddresses != null) - foreach (var proxy in proxyAddresses) - if (IPAddress.TryParse(proxy, out var ipAddress)) - forwardedHeadersOptions.KnownProxies.Add(ipAddress); - } - else - { - forwardedHeadersOptions.KnownProxies.Add(IPAddress.Any); - forwardedHeadersOptions.KnownProxies.Add(IPAddress.IPv6Any); - } - - app.UseForwardedHeaders(forwardedHeadersOptions); - } - public static WebApplication ConfigureGrpcServices(this WebApplication app) { app.MapGrpcService(); diff --git a/DysonNetwork.Pusher/Startup/ApplicationConfiguration.cs b/DysonNetwork.Pusher/Startup/ApplicationConfiguration.cs index 1ade7f0..2d04c39 100644 --- a/DysonNetwork.Pusher/Startup/ApplicationConfiguration.cs +++ b/DysonNetwork.Pusher/Startup/ApplicationConfiguration.cs @@ -1,5 +1,6 @@ using System.Net; using DysonNetwork.Pusher.Services; +using DysonNetwork.Shared.Http; using Microsoft.AspNetCore.HttpOverrides; namespace DysonNetwork.Pusher.Startup; @@ -15,7 +16,7 @@ public static class ApplicationConfiguration app.UseRequestLocalization(); - ConfigureForwardedHeaders(app, configuration); + app.ConfigureForwardedHeaders(configuration); app.UseCors(opts => opts.SetIsOriginAllowed(_ => true) @@ -35,33 +36,4 @@ public static class ApplicationConfiguration return app; } - - private static void ConfigureForwardedHeaders(WebApplication app, IConfiguration configuration) - { - var knownProxiesSection = configuration.GetSection("KnownProxies"); - var forwardedHeadersOptions = new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.All }; - - if (knownProxiesSection.Exists()) - { - var proxyAddresses = knownProxiesSection.Get(); - if (proxyAddresses != null) - foreach (var proxy in proxyAddresses) - if (IPAddress.TryParse(proxy, out var ipAddress)) - forwardedHeadersOptions.KnownProxies.Add(ipAddress); - } - else - { - forwardedHeadersOptions.KnownProxies.Add(IPAddress.Any); - forwardedHeadersOptions.KnownProxies.Add(IPAddress.IPv6Any); - } - - app.UseForwardedHeaders(forwardedHeadersOptions); - } - - public static WebApplication ConfigureGrpcServices(this WebApplication app) - { - app.MapGrpcService(); - - return app; - } } diff --git a/DysonNetwork.Shared/Http/KnownProxiesConfiguration.cs b/DysonNetwork.Shared/Http/KnownProxiesConfiguration.cs new file mode 100644 index 0000000..90b34d9 --- /dev/null +++ b/DysonNetwork.Shared/Http/KnownProxiesConfiguration.cs @@ -0,0 +1,45 @@ +using System.Net; +using Microsoft.AspNetCore.Builder; +using Microsoft.AspNetCore.HttpOverrides; +using Microsoft.Extensions.Configuration; +using IPNetwork = Microsoft.AspNetCore.HttpOverrides.IPNetwork; + +namespace DysonNetwork.Shared.Http; + +public static class KnownProxiesConfiguration +{ + public static WebApplication ConfigureForwardedHeaders(this WebApplication app, IConfiguration configuration) + { + var knownProxiesSection = configuration.GetSection("KnownProxies"); + var forwardedHeadersOptions = new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.All }; + + if (knownProxiesSection.Exists()) + { + var proxyAddresses = knownProxiesSection.Get(); + if (proxyAddresses != null) + { + foreach (var proxy in proxyAddresses) + { + if (IPAddress.TryParse(proxy, out var ipAddress)) + { + forwardedHeadersOptions.KnownProxies.Add(ipAddress); + } + else if (IPNetwork.TryParse(proxy, out var ipNetwork)) + { + forwardedHeadersOptions.KnownNetworks.Add(ipNetwork); + } + } + } + } + + if (forwardedHeadersOptions.KnownProxies.Count == 0 && forwardedHeadersOptions.KnownNetworks.Count == 0) + { + forwardedHeadersOptions.KnownProxies.Add(IPAddress.Any); + forwardedHeadersOptions.KnownProxies.Add(IPAddress.IPv6Any); + } + + app.UseForwardedHeaders(forwardedHeadersOptions); + + return app; + } +} \ No newline at end of file diff --git a/DysonNetwork.Sphere/Startup/ApplicationConfiguration.cs b/DysonNetwork.Sphere/Startup/ApplicationConfiguration.cs index aa0a4f6..80d69db 100644 --- a/DysonNetwork.Sphere/Startup/ApplicationConfiguration.cs +++ b/DysonNetwork.Sphere/Startup/ApplicationConfiguration.cs @@ -1,8 +1,7 @@ -using System.Net; using DysonNetwork.Shared.Auth; +using DysonNetwork.Shared.Http; using DysonNetwork.Sphere.Connection; using DysonNetwork.Sphere.Publisher; -using Microsoft.AspNetCore.HttpOverrides; using Prometheus; namespace DysonNetwork.Sphere.Startup; @@ -19,7 +18,7 @@ public static class ApplicationConfiguration app.UseRequestLocalization(); - ConfigureForwardedHeaders(app, configuration); + app.ConfigureForwardedHeaders(configuration); app.UseWebSockets(); app.UseAuthentication(); @@ -34,26 +33,4 @@ public static class ApplicationConfiguration return app; } - - private static void ConfigureForwardedHeaders(WebApplication app, IConfiguration configuration) - { - var knownProxiesSection = configuration.GetSection("KnownProxies"); - var forwardedHeadersOptions = new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.All }; - - if (knownProxiesSection.Exists()) - { - var proxyAddresses = knownProxiesSection.Get(); - if (proxyAddresses != null) - foreach (var proxy in proxyAddresses) - if (IPAddress.TryParse(proxy, out var ipAddress)) - forwardedHeadersOptions.KnownProxies.Add(ipAddress); - } - else - { - forwardedHeadersOptions.KnownProxies.Add(IPAddress.Any); - forwardedHeadersOptions.KnownProxies.Add(IPAddress.IPv6Any); - } - - app.UseForwardedHeaders(forwardedHeadersOptions); - } }