Normalize remote address before saving to context

One cause for https://todo.sr.ht/~sircmpwn/meta.sr.ht/193 was that code
performing this sanitization was in multiple places, and a fix was not
applied in all places. There is no reasonable expectation for the port
to be present anyways, e.g. if the address is taken from a trusted
reverse proxy's header. Hence, perform the normalization here, so that
the code doing this in applications can be simplified.

Note that this does not yet fix the below ticket, it will just make the
fix easier.

References: https://todo.sr.ht/~sircmpwn/meta.sr.ht/193
Conrad Hoffmann 2022-05-06 16:46:30 +02:00 committed by Drew DeVault
parent 8c2729f421
commit 0b2fef24c0
1 changed files with 11 additions and 1 deletions


@ -193,8 +193,16 @@ func (server *Server) WithDefaultMiddleware() *Server {
server.router.Use(middleware.Timeout(timeout))
server.router.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
var err error
addr := r.RemoteAddr
if net.ParseIP(addr) == nil {
addr, _, err = net.SplitHostPort(addr)
if err != nil {
panic(fmt.Errorf("Invalid remote address: %s", r.RemoteAddr))
}
}
ctx := context.WithValue(r.Context(), serverCtxKey, server)
ctx = context.WithValue(ctx, remoteAddrCtxKey, r.RemoteAddr)
ctx = context.WithValue(ctx, remoteAddrCtxKey, addr)
r = r.WithContext(ctx)
next.ServeHTTP(w, r)
})
@ -203,6 +211,8 @@ func (server *Server) WithDefaultMiddleware() *Server {
return server
}
// RemoteAddr returns the remote address for this context. It is guaranteed to
// be valid input for `net.ParseIP()`.
func RemoteAddr(ctx context.Context) string {
raw, ok := ctx.Value(remoteAddrCtxKey).(string)
if !ok {
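Review bot: The new doc comment on RemoteAddr promises a value that is valid input for `net.ParseIP()`, but the middleware in the first hunk never checks the host returned by `net.SplitHostPort`, so a hostname or a zoned IPv6 literal such as `[fe80::1%eth0]:80` would be stored in the context unvalidated. Callers will presumably rely on that guarantee for logging and address-based decisions, so the check should be repeated after the split: `if err != nil || net.ParseIP(addr) == nil {`. The `panic` on that path also turns a malformed address into a per-request panic whose handling depends on a recovery middleware that is not visible here; answering with `http.Error(w, "invalid remote address", http.StatusBadRequest)` followed by `return` would be more predictable, and if the value is still put into a message, `%q` is safer than `%s` for a string that may originate from a proxy header. RemoteAddr's body continues past the visible lines, so its fallback for the `!ok` case could not be checked against the same guarantee.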