Skip to content

Instantly share code, notes, and snippets.

@elidickinson
Created November 29, 2012 03:33
Show Gist options
  • Save elidickinson/4166628 to your computer and use it in GitHub Desktop.
Save elidickinson/4166628 to your computer and use it in GitHub Desktop.
ProxiedRequest class for flask that gets correct remote_addr
from flask import Request
class ProxiedRequest(Request):
"""
`Request` subclass that overrides `remote_addr` with Frontend Server's
HTTP_X_FORWARDED_FOR when available.
"""
@property
def remote_addr(self):
"""The remote address of the client."""
# Get a parsed version of X-Forwarded-For header (contains
# REMOTE_ADDR if no forwarded-for header). See
# http://en.wikipedia.org/wiki/X-Forwarded-For
fwd = self.access_route
remote = self.environ.get('REMOTE_ADDR', None)
if fwd and self._is_private_ip(remote):
# access route is a list where the client is first
# followed by any intermediary proxies. However, we
# can only trust the last entry as valid -- it's from
# the server one hop behind the one connecting.
return fwd[-1]
else:
return remote
def _is_private_ip(self,ip):
blank_ip = (ip is None or ip == '')
private_ip = (ip.startswith('10.') or ip.startswith('172.16.') or ip.startswith('192.168.'))
local_ip = (ip == '127.0.0.1' or ip == '0.0.0.0')
return blank_ip or private_ip or local_ip
## use this class so we get real IPs
# from real_ip_address import ProxiedRequest
# app = [...]
# app.request_class = ProxiedRequest
@elidickinson
Copy link
Author

The _is_private_ip function is a little broken here (it's missing some 172. addresses). I took another swing at it here based on the official ProxyFix "fixer" in werkzeug. https://gist.github.com/elidickinson/5565991

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment