Commit dbf0a922 authored by Grzegorz Bizon's avatar Grzegorz Bizon

Merge branch 'sh-fix-issue-58103' into 'master'

Properly handle multiple X-Forwarded-For addresses in runner IP

Closes #58103

See merge request gitlab-org/gitlab-ce!25511
parents 9428db8e d03b7bb1
No related merge requests found
---
title: Properly handle multiple X-Forwarded-For addresses in runner IP
merge_request: 25511
author:
type: fixed
...@@ -26,7 +26,7 @@ module API ...@@ -26,7 +26,7 @@ module API
end end
def get_runner_ip def get_runner_ip
{ ip_address: request.env["HTTP_X_FORWARDED_FOR"] || request.ip } { ip_address: env["action_dispatch.remote_ip"].to_s || request.ip }
end end
def current_runner def current_runner
......
...@@ -526,6 +526,15 @@ describe API::Runner, :clean_gitlab_redis_shared_state do ...@@ -526,6 +526,15 @@ describe API::Runner, :clean_gitlab_redis_shared_state do
expect(runner.reload.ip_address).to eq('123.222.123.222') expect(runner.reload.ip_address).to eq('123.222.123.222')
end end
it "handles multiple X-Forwarded-For addresses" do
post api('/jobs/request'),
params: { token: runner.token },
headers: { 'User-Agent' => user_agent, 'X-Forwarded-For' => '123.222.123.222, 127.0.0.1' }
expect(response).to have_gitlab_http_status 201
expect(runner.reload.ip_address).to eq('123.222.123.222')
end
context 'when concurrently updating a job' do context 'when concurrently updating a job' do
before do before do
expect_any_instance_of(Ci::Build).to receive(:run!) expect_any_instance_of(Ci::Build).to receive(:run!)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment