MCPcopy Index your code
hub / github.com/coder/coder / EffectiveHost

Function EffectiveHost

coderd/httpmw/realip.go:111–135  ·  view source on GitHub ↗

EffectiveHost returns the host Coder should trust for request handling. It uses X-Forwarded-Host only when the immediate peer is a configured trusted proxy. Otherwise it uses the received Host header.

(config *RealIPConfig, r *http.Request)

Source from the content-addressed store, hash-verified

109// It uses X-Forwarded-Host only when the immediate peer is a configured
110// trusted proxy. Otherwise it uses the received Host header.
111func EffectiveHost(config *RealIPConfig, r *http.Request) string {
112 if config == nil {
113 config = &RealIPConfig{
114 TrustedOrigins: nil,
115 TrustedHeaders: nil,
116 }
117 }
118
119 // When ExtractRealIP has run, r.RemoteAddr may hold the forwarded
120 // client IP, and we should use the original socket peer for proxy
121 // trust decisions.
122 remoteAddr := r.RemoteAddr
123 state := RealIP(r.Context())
124 if state != nil && state.OriginalRemoteAddr != "" {
125 remoteAddr = state.OriginalRemoteAddr
126 }
127
128 if isContainedIn(config.TrustedOrigins, getRemoteAddress(remoteAddr)) {
129 if host := r.Header.Get(httpapi.XForwardedHostHeader); host != "" {
130 return host
131 }
132 }
133
134 return r.Host
135}
136
137// EnsureXForwardedForHeader ensures that the request has an X-Forwarded-For
138// header. It uses the following logic:

Callers 2

TestEffectiveHostFunction · 0.92
HandleSubdomainMethod · 0.92

Calls 5

RealIPFunction · 0.85
isContainedInFunction · 0.85
getRemoteAddressFunction · 0.85
ContextMethod · 0.65
GetMethod · 0.65

Tested by 1

TestEffectiveHostFunction · 0.74