Skip to content

Commit

Permalink
improve isUnsafeTrustedProxies() logic
Browse files Browse the repository at this point in the history
  • Loading branch information
@Bisstocuz
Bisstocuz committed Nov 29, 2021
1 parent 839cc53 commit ddc5c55
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions gin.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ import (
"net/http"
"os"
"path"
"reflect"
"strings"
"sync"

Expand Down Expand Up @@ -408,9 +407,9 @@ func (engine *Engine) SetTrustedProxies(trustedProxies []string) error {
return engine.parseTrustedProxies()
}

// isUnsafeTrustedProxies compares Engine.trustedCIDRs and defaultTrustedCIDRs, it's not safe if equal (returns true)
// isUnsafeTrustedProxies checks if Engine.trustedCIDRs contains all IPs, it's not safe if it has (returns true)
func (engine *Engine) isUnsafeTrustedProxies() bool {
return reflect.DeepEqual(engine.trustedCIDRs, defaultTrustedCIDRs)
return engine.isTrustedProxy(net.ParseIP("0.0.0.0")) || engine.isTrustedProxy(net.ParseIP("::"))
}

// parseTrustedProxies parse Engine.trustedProxies to Engine.trustedCIDRs
Expand Down

0 comments on commit ddc5c55

Please sign in to comment.