renil/lx-music-api-server
1
0
Fork 0
mirror of https://github.com/MeoProject/lx-music-api-server.git synced 2025-05-23 19:17:41 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: 修复一个逻辑漏洞

Browse Source
This commit is contained in:
lerdb 2024-10-10 17:08:23 +08:00
parent aa1894b66f
commit 52420696f8
No known key found for this signature in database
GPG Key ID: FBBF3738C577282C
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
main.py
View File

@ -71,7 +71,7 @@ async def handle_before_request(app, handler):
try:
if config.read_config("common.reverse_proxy.allow_proxy") and request.headers.get(
config.read_config("common.reverse_proxy.real_ip_header")):
if not config.read_config("common.reverse_proxy.allow_public_ip") or utils.is_local_ip(request.remote):
if not (config.read_config("common.reverse_proxy.allow_public_ip") or utils.is_local_ip(request.remote)):
return handleResult({"code": 1, "msg": "不允许的公网ip转发", "data": None}, 403)
# proxy header
request.remote_addr = request.headers.get(config.read_config("common.reverse_proxy.real_ip_header"))