fix: always override default proxies

Gin trusts all proxies by default. This is a security problem.
2024-02-04 10:30:51 +01:00 · 2024-02-04 10:30:51 +01:00 · 949e5df17e
parent c68b2b5a72
commit 949e5df17e
1 changed files with 2 additions and 4 deletions
--- a/router/router.go
+++ b/router/router.go
@ -27,10 +27,8 @@ import (
 func Create(db *database.GormDatabase, vInfo *model.VersionInfo, conf *config.Configuration) (*gin.Engine, func()) {
 	g := gin.New()

-	if conf.Server.TrustedProxies != nil {
 	g.SetTrustedProxies(conf.Server.TrustedProxies)
 	g.ForwardedByClientIP = true
-	}

 	g.Use(func(ctx *gin.Context) {
 		// Map sockets "@" to 127.0.0.1, because gin-gonic can only trust IPs.