diff options
| author | JPVenson <github@jpb.email> | 2025-06-09 04:52:48 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-06-08 19:52:48 -0600 |
| commit | a8601b379775180599cb935236fba4e5a89ee89d (patch) | |
| tree | 3d6c9de1586489bea6f8c3aa2808734fa8d796ce | |
| parent | 1e9e4ffda9abe30b71ceb1de2f4c3143805c66a9 (diff) | |
util forward headers on startup api (#14246)
| -rw-r--r-- | Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs | 45 | ||||
| -rw-r--r-- | Jellyfin.Server/ServerSetupApp/SetupServer.cs | 10 |
2 files changed, 33 insertions, 22 deletions
diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs index 09a4e2ed3..3038841df 100644 --- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs +++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs @@ -116,26 +116,7 @@ namespace Jellyfin.Server.Extensions .AddTransient<ICorsPolicyProvider, CorsPolicyProvider>() .Configure<ForwardedHeadersOptions>(options => { - // https://github.com/dotnet/aspnetcore/blob/master/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs - // Enable debug logging on Microsoft.AspNetCore.HttpOverrides.ForwardedHeadersMiddleware to help investigate issues. - - if (config.KnownProxies.Length == 0) - { - options.ForwardedHeaders = ForwardedHeaders.None; - options.KnownNetworks.Clear(); - options.KnownProxies.Clear(); - } - else - { - options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedHost; - AddProxyAddresses(config, config.KnownProxies, options); - } - - // Only set forward limit if we have some known proxies or some known networks. - if (options.KnownProxies.Count != 0 || options.KnownNetworks.Count != 0) - { - options.ForwardLimit = null; - } + ConfigureForwardHeaders(config, options); }) .AddMvc(opts => { @@ -183,6 +164,30 @@ namespace Jellyfin.Server.Extensions return mvcBuilder.AddControllersAsServices(); } + internal static void ConfigureForwardHeaders(NetworkConfiguration config, ForwardedHeadersOptions options) + { + // https://github.com/dotnet/aspnetcore/blob/master/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs + // Enable debug logging on Microsoft.AspNetCore.HttpOverrides.ForwardedHeadersMiddleware to help investigate issues. + + if (config.KnownProxies.Length == 0) + { + options.ForwardedHeaders = ForwardedHeaders.None; + options.KnownNetworks.Clear(); + options.KnownProxies.Clear(); + } + else + { + options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedHost; + AddProxyAddresses(config, config.KnownProxies, options); + } + + // Only set forward limit if we have some known proxies or some known networks. + if (options.KnownProxies.Count != 0 || options.KnownNetworks.Count != 0) + { + options.ForwardLimit = null; + } + } + /// <summary> /// Adds Swagger to the service collection. /// </summary> diff --git a/Jellyfin.Server/ServerSetupApp/SetupServer.cs b/Jellyfin.Server/ServerSetupApp/SetupServer.cs index 6d58e3c4e..43a966e9b 100644 --- a/Jellyfin.Server/ServerSetupApp/SetupServer.cs +++ b/Jellyfin.Server/ServerSetupApp/SetupServer.cs @@ -10,6 +10,7 @@ using System.Threading.Tasks; using Emby.Server.Implementations.Configuration; using Emby.Server.Implementations.Serialization; using Jellyfin.Networking.Manager; +using Jellyfin.Server.Extensions; using MediaBrowser.Common.Configuration; using MediaBrowser.Common.Net; using MediaBrowser.Controller; @@ -18,6 +19,7 @@ using MediaBrowser.Model.System; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.HttpOverrides; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Diagnostics.HealthChecks; @@ -138,19 +140,23 @@ public sealed class SetupServer : IDisposable ThrowIfDisposed(); var retryAfterValue = TimeSpan.FromSeconds(5); + var config = _configurationManager.GetNetworkConfiguration()!; _startupServer = Host.CreateDefaultBuilder() .UseConsoleLifetime() .ConfigureServices(serv => { serv.AddHealthChecks() .AddCheck<SetupHealthcheck>("StartupCheck"); + serv.Configure<ForwardedHeadersOptions>(options => + { + ApiServiceCollectionExtensions.ConfigureForwardHeaders(config, options); + }); }) .ConfigureWebHostDefaults(webHostBuilder => { webHostBuilder .UseKestrel((builderContext, options) => { - var config = _configurationManager.GetNetworkConfiguration()!; var knownBindInterfaces = NetworkManager.GetInterfacesCore(_loggerFactory.CreateLogger<SetupServer>(), config.EnableIPv4, config.EnableIPv6); knownBindInterfaces = NetworkManager.FilterBindSettings(config, knownBindInterfaces.ToList(), config.EnableIPv4, config.EnableIPv6); var bindInterfaces = NetworkManager.GetAllBindInterfaces(false, _configurationManager, knownBindInterfaces, config.EnableIPv4, config.EnableIPv6); @@ -168,7 +174,7 @@ public sealed class SetupServer : IDisposable .Configure(app => { app.UseHealthChecks("/health"); - + app.UseForwardedHeaders(); app.Map("/startup/logger", loggerRoute => { loggerRoute.Run(async context => |