diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2025-01-26 12:21:57 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2025-01-26 11:21:57 +0000 |
| commit | 2a466811473e22d132736506c716e649caf76371 (patch) | |
| tree | 56c3a376d5a41e5684c2ca8e0afd9a5e9e9afde8 /internal/api | |
| parent | [docs] Swagger: fix filter context params by moving enum list from the list t... (diff) | |
| download | gotosocial-2a466811473e22d132736506c716e649caf76371.tar.xz | |
[chore] Allow suppressing trusted-proxies warning by disabling rate limiting (#3686)
Diffstat (limited to 'internal/api')
| -rw-r--r-- | internal/api/util/template.go | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/internal/api/util/template.go b/internal/api/util/template.go index fcfd80956..f58563660 100644 --- a/internal/api/util/template.go +++ b/internal/api/util/template.go @@ -23,6 +23,7 @@ import ( "github.com/gin-gonic/gin" apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" + "github.com/superseriousbusiness/gotosocial/internal/config" ) // WebPage encapsulates variables for @@ -96,6 +97,17 @@ func injectTrustedProxiesRec( c *gin.Context, obj map[string]any, ) { + if config.GetAdvancedRateLimitRequests() <= 0 { + // If rate limiting is disabled entirely + // there's no point in giving a trusted + // proxies rec, as proper clientIP is + // basically only used for rate limiting. + return + } + + // clientIP = the client IP that gin + // derives based on x-forwarded-for + // and current trusted proxies. clientIP := c.ClientIP() if clientIP == "127.0.0.1" { // Suggest precise 127.0.0.1/32. @@ -119,7 +131,9 @@ func injectTrustedProxiesRec( if !hasRemoteIPHeader { // Upstream hasn't set a - // remote IP header, bail. + // remote IP header so we're + // probably not in a reverse + // proxy setup, bail. return } |