http: reimplement X-Forwarded-For parsing (#4355)

This feature needs to be enabled through the `http.use_x_forwarded_for` option,
satisfying security concerns of spoofed remote addresses in untrusted network
environments.

The testsuite was enhanced to explicitly test the functionality of the
header.

Fixes #4265.

Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
This commit is contained in:
hexa- 2016-11-13 01:14:39 +01:00 committed by Paulus Schoutsen
parent 3d47ad5018
commit e73634e6c7
5 changed files with 47 additions and 13 deletions

View file

@ -165,7 +165,8 @@ class TestCheckConfig(unittest.TestCase):
self.assertDictEqual({
'components': {'http': {'api_password': 'abc123',
'server_port': 8123}},
'server_port': 8123,
'use_x_forwarded_for': False}},
'except': {},
'secret_cache': {secrets_path: {'http_pw': 'abc123'}},
'secrets': {'http_pw': 'abc123'},