Add support IP address including port in X_FORWARDED_FOR header
mcharriere opened this issue · 2 comments
Some proxys include the port number in the client following the pattern ipaddress:port
Currently the library is passing the header directly to the ip_address function and, in this scenario is throwing this exception:
ERROR:aiohttp.server:Error handling request
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/aiohttp/web_protocol.py", line 418, in start
resp = await task
File "/usr/local/lib/python3.7/site-packages/aiohttp/web_app.py", line 458, in _handle
resp = await handler(request)
File "/usr/local/lib/python3.7/site-packages/aiohttp/web_middlewares.py", line 119, in impl
return await handler(request)
File "/usr/local/lib/python3.7/site-packages/aiohttp_remotes/x_forwarded.py", line 59, in middleware
forwarded_for = self.get_forwarded_for(headers)
File "/usr/local/lib/python3.7/site-packages/aiohttp_remotes/x_forwarded.py", line 24, in get_forwarded_for
(a.strip() for a in forwarded_for)
File "/usr/local/lib/python3.7/site-packages/aiohttp_remotes/x_forwarded.py", line 25, in <listcomp>
if addr
File "/usr/local/lib/python3.7/ipaddress.py", line 54, in ip_address
address)
ValueError: '10.200.80.7:60604' does not appear to be an IPv4 or IPv6 address
I'll be sending a PR solving this issue.
Thanks
The feature request is invalid.
X-Forwarded-Host is for FQDN host name, X-Forwarded-For is for IP address, X-Forwarded-Port is for forwarded port.
You need the latest one. Passing host:port pair by X-Forwarded-For is never documented, at least I was unable to find any reference for such usage.
X-Forwarded-Port is for the server port. In particular, Azure load balancer is sending the client port in the header X-Forwarded-For.
Anyway, I think that my proposed solution would break IPv6. I'm closing this issue and the PR.
Thanks!