MCPcopy Index your code
hub / github.com/labstack/echo / TestExtractIPFromRealIPHeader

Function TestExtractIPFromRealIPHeader

ip_test.go:492–601  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

490}
491
492func TestExtractIPFromRealIPHeader(t *testing.T) {
493 _, ipForRemoteAddrExternalRange, _ := net.ParseCIDR("203.0.113.199/24")
494 _, ipv6ForRemoteAddrExternalRange, _ := net.ParseCIDR("2001:db8::/64")
495
496 var testCases = []struct {
497 whenRequest http.Request
498 name string
499 expectIP string
500 givenTrustOptions []TrustOption
501 }{
502 {
503 name: "request has no headers, extracts IP from request remote addr",
504 whenRequest: http.Request{
505 RemoteAddr: "203.0.113.1:8080",
506 },
507 expectIP: "203.0.113.1",
508 },
509 {
510 name: "request is from external IP has INVALID external X-Real-Ip header, extract IP from remote addr",
511 whenRequest: http.Request{
512 Header: http.Header{
513 HeaderXRealIP: []string{"xxx.yyy.zzz.ccc"}, // <-- this is invalid
514 },
515 RemoteAddr: "203.0.113.1:8080",
516 },
517 expectIP: "203.0.113.1",
518 },
519 {
520 name: "request is from external IP has valid + UNTRUSTED external X-Real-Ip header, extract IP from remote addr",
521 whenRequest: http.Request{
522 Header: http.Header{
523 HeaderXRealIP: []string{"203.0.113.199"}, // <-- this is untrusted
524 },
525 RemoteAddr: "203.0.113.1:8080",
526 },
527 expectIP: "203.0.113.1",
528 },
529 {
530 name: "request is from external IP has valid + UNTRUSTED external X-Real-Ip header, extract IP from remote addr",
531 whenRequest: http.Request{
532 Header: http.Header{
533 HeaderXRealIP: []string{"[2001:db8::113:199]"}, // <-- this is untrusted
534 },
535 RemoteAddr: "[2001:db8::113:1]:8080",
536 },
537 expectIP: "2001:db8::113:1",
538 },
539 {
540 name: "request is from external IP has valid + TRUSTED X-Real-Ip header, extract IP from X-Real-Ip header",
541 givenTrustOptions: []TrustOption{ // case for "trust direct-facing proxy"
542 TrustIPRange(ipForRemoteAddrExternalRange), // we trust external IP range "203.0.113.199/24"
543 },
544 whenRequest: http.Request{
545 Header: http.Header{
546 HeaderXRealIP: []string{"203.0.113.199"},
547 },
548 RemoteAddr: "203.0.113.1:8080",
549 },

Callers

nothing calls this directly

Calls 2

TrustIPRangeFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…