fix bug in validateHeader

2023-03-03 12:42:18 +03:00 · 2023-03-03 12:42:18 +03:00 · 41a4159766
parent a889c58de7
commit 41a4159766
1 changed files with 7 additions and 4 deletions
--- a/gin.go
+++ b/gin.go
@ -463,17 +463,20 @@ func (engine *Engine) validateHeader(header string) (clientIP string, valid bool
 	for i := len(items) - 1; i >= 0; i-- {
 		ipStr := strings.TrimSpace(items[i])
 		ip := net.ParseIP(ipStr)
+		valid = true
+
 		if ip == nil {
-			break
+			ipStr = ""
+			valid = false
 		}

 		// X-Forwarded-For is appended by proxy
 		// Check IPs in reverse order and stop when find untrusted proxy
-		if (i == 0) || (!engine.isTrustedProxy(ip)) {
-			return ipStr, true
+		if valid && (!engine.isTrustedProxy(ip)) {
+			return ipStr, valid
 		}
 	}
-	return "", false
+	return "", valid
 }

 // parseIP parse a string representation of an IP and returns a net.IP with the