From ea0cb896a65c248cb934bc7c512144302c5886d0 Mon Sep 17 00:00:00 2001
From: Dobrica Pavlinusic <dpavlin@rot13.org>
Date: Sat, 7 Jul 2012 21:47:26 +0000
Subject: [PATCH] use proxy headers for client IP address

---
 plack/bookreader.psgi | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/plack/bookreader.psgi b/plack/bookreader.psgi
index c63001e..2dadb8d 100644
--- a/plack/bookreader.psgi
+++ b/plack/bookreader.psgi
@@ -10,6 +10,23 @@ use Plack::App::BookReader;
 
 builder {
 
+	# use proxy headers for client IP address
+	enable sub {
+		my ( $app, $env ) = @_;
+		return sub {
+			my $env = shift;
+			my $client_ip = $env->{HTTP_X_REAL_IP} || $env->{HTTP_X_FORWARDED_FOR};
+			if ( $client_ip ) {
+				my $proxy_ip = $env->{REMOTE_ADDR};
+				die "request not from authorized proxy $proxy_ip" if $proxy_ip !~ /\Q127.0.0.1\E$/;
+				warn "# rewrite $proxy_ip -> $client_ip\n";
+				$env->{REMOTE_ADDR} = $client_ip;
+			}
+
+			$app->( $env );
+		}
+	};
+
 	enable "Plack::Middleware::ServerStatus::Lite",
 		path => '/server-status',
 #		allow => [ '127.0.0.1', '10.60.0.0/16', '193.198.0.0/16', '0.0.0.0/32' ], # FIXME doesn't work for IPv6
-- 
2.20.1