CloudHost/argument.es
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #28 from matteomekhail/feature/x-real-ip

Browse Source 
Anti-spoofing system, fixes the counter viewer
This commit is contained in:
Theo Browne
2026-02-22 17:35:29 -08:00
committed by GitHub
parent e7d1cb3bf7 0b03c7c55c
commit 1a5c8354a0
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
server.ts
View File

@@ -102,8 +102,19 @@ function parsePositiveInt(value: string | undefined, fallback: number): number {
} }
function getClientIp(req: Request, server: Bun.Server<WsData>): string { function getClientIp(req: Request, server: Bun.Server<WsData>): string {
// Railway's edge proxy strips client-provided X-Real-IP and sets the actual
// client IP. All traffic goes through the edge proxy — it cannot be bypassed.
// As a fallback, use the rightmost X-Forwarded-For value (the one Railway
// appends), then Bun's requestIP (which sees the proxy IP on Railway).
const realIp = req.headers.get("x-real-ip")?.trim(); const realIp = req.headers.get("x-real-ip")?.trim();
if (realIp) return realIp; if (realIp) return realIp;
const xff = req.headers.get("x-forwarded-for");
if (xff) {
const rightmost = xff.split(",").at(-1)?.trim();
if (rightmost) return rightmost;
}
return server.requestIP(req)?.address ?? "unknown"; return server.requestIP(req)?.address ?? "unknown";
} }