Skip to content

Commit 199e493

Browse files
feat: support CIDR notation for ForwardProxies in configuration (#85)
1 parent 9389454 commit 199e493

File tree

3 files changed

+23
-2
lines changed

3 files changed

+23
-2
lines changed

README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@ WebRootPath: "/opt/ss14_admin/bin/wwwroot"
4242

4343
ForwardProxies:
4444
- 127.0.0.1
45+
- 172.16.0.0/12 # Supports CIDR notation for subnets (Docker)
4546

4647
Auth:
4748
Authority: "https://central.spacestation14.io/web/"

SS14.Admin/Startup.cs

Lines changed: 21 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -99,9 +99,28 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
9999
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto,
100100
};
101101

102-
foreach (var ip in Configuration.GetSection("ForwardProxies").Get<string[]>() ?? Array.Empty<string>())
102+
foreach (var entry in Configuration.GetSection("ForwardProxies").Get<string[]>() ?? Array.Empty<string>())
103103
{
104-
forwardedHeadersOptions.KnownProxies.Add(IPAddress.Parse(ip));
104+
// Try to parse as CIDR notation first (e.g., 192.168.1.0/24)
105+
if (IPHelper.TryParseIpOrCidr(entry, out var parsed))
106+
{
107+
var (ipAddress, prefixLength) = parsed;
108+
if (prefixLength.HasValue)
109+
{
110+
// It's a CIDR subnet, add to KnownNetworks
111+
var network = new Microsoft.AspNetCore.HttpOverrides.IPNetwork(ipAddress, prefixLength.Value);
112+
forwardedHeadersOptions.KnownNetworks.Add(network);
113+
}
114+
else
115+
{
116+
// It's a single IP address, add to KnownProxies
117+
forwardedHeadersOptions.KnownProxies.Add(ipAddress);
118+
}
119+
}
120+
else
121+
{
122+
throw new InvalidOperationException($"Invalid IP address or CIDR notation in ForwardProxies: {entry}");
123+
}
105124
}
106125

107126
app.UseForwardedHeaders(forwardedHeadersOptions);

SS14.Admin/appsettings.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ Serilog:
1818

1919
ForwardProxies:
2020
- 127.0.0.1
21+
# - 172.16.0.0/12 # Supports CIDR notation for subnets (Docker)
2122

2223
AuthServer: "https://central.spacestation14.io/auth"
2324
AllowedHosts: "*"

0 commit comments

Comments
 (0)