From ace566b053da9cab8fe25eede61dba744bf3d749 Mon Sep 17 00:00:00 2001
From: crupest <crupest@outlook.com>
Date: Mon, 21 Nov 2022 12:55:05 +0800
Subject: Try to fix timeline again.

---
 BackEnd/Timeline/Startup.cs | 52 ++++++++++++++++++++++++++++++++++-----------
 Dockerfile                  |  2 ++
 2 files changed, 42 insertions(+), 12 deletions(-)

diff --git a/BackEnd/Timeline/Startup.cs b/BackEnd/Timeline/Startup.cs
index 171b1b14..d0438796 100644
--- a/BackEnd/Timeline/Startup.cs
+++ b/BackEnd/Timeline/Startup.cs
@@ -6,7 +6,10 @@ using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using System;
+using System.Collections.Generic;
 using System.ComponentModel;
+using System.Net;
+using System.Text;
 using System.Text.Json.Serialization;
 using Timeline.Auth;
 using Timeline.Configs;
@@ -34,7 +37,9 @@ namespace Timeline
     public class Startup
     {
         private readonly bool _enableForwardedHeaders;
-        private readonly string? _forwardedHeadersAllowedProxyHosts;
+        private readonly string? _forwardedHeadersAllowedProxyHostsString;
+        private readonly List<string>? _forwardedHeadersAllowedProxyHosts = null;
+        private readonly List<List<IPAddress>>? _forwardedHeadersAllowedProxyIPs = null;
         private readonly FrontEndMode _frontEndMode;
 
         public Startup(IConfiguration configuration, IWebHostEnvironment environment)
@@ -62,7 +67,7 @@ namespace Timeline
             }
 
             _enableForwardedHeaders = ApplicationConfiguration.GetBoolConfig(configuration, ApplicationConfiguration.EnableForwardedHeadersKey, false);
-            _forwardedHeadersAllowedProxyHosts = Configuration.GetValue<string?>(ApplicationConfiguration.ForwardedHeadersAllowedProxyHostsKey);
+            _forwardedHeadersAllowedProxyHostsString = Configuration.GetValue<string?>(ApplicationConfiguration.ForwardedHeadersAllowedProxyHostsKey);
 
             if (_enableForwardedHeaders)
             {
@@ -71,9 +76,37 @@ namespace Timeline
                 Console.ResetColor();
 
                 Console.ForegroundColor = ConsoleColor.Yellow;
-                if (_forwardedHeadersAllowedProxyHosts is not null)
+                if (_forwardedHeadersAllowedProxyHostsString is not null)
                 {
-                    Console.WriteLine("Allowed proxy hosts: {0}", _forwardedHeadersAllowedProxyHosts);
+                    _forwardedHeadersAllowedProxyHosts = new List<string>();
+                    foreach (var host in _forwardedHeadersAllowedProxyHostsString.Split(new char[] { ';', ',' }))
+                    {
+                        _forwardedHeadersAllowedProxyHosts.Add(host.Trim());
+                    }
+
+                    _forwardedHeadersAllowedProxyIPs = new();
+                    foreach (var host in _forwardedHeadersAllowedProxyHosts)
+                    {
+                        // Resolve host to ip
+                        var ips = System.Net.Dns.GetHostAddresses(host);
+                        _forwardedHeadersAllowedProxyIPs.Add(new(ips));
+                    }
+
+                    Console.WriteLine("Allowed proxy hosts:");
+                    Console.ForegroundColor = ConsoleColor.Cyan;
+                    StringBuilder log = new();
+                    for (int i = 0; i < _forwardedHeadersAllowedProxyHosts.Count; i++)
+                    {
+                        log.Append(_forwardedHeadersAllowedProxyHosts[i]);
+                        log.Append(" (");
+                        foreach (var ip in _forwardedHeadersAllowedProxyIPs[i])
+                        {
+                            log.Append(ip.ToString());
+                            log.Append(" ");
+                        }
+                        log.Append(")\n");
+                    }
+                    Console.WriteLine(log.ToString());
                 }
                 else
                 {
@@ -168,18 +201,13 @@ namespace Timeline
                 services.Configure<ForwardedHeadersOptions>(options =>
                 {
                     options.ForwardedHeaders = Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedFor | Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedProto;
-                    if (_forwardedHeadersAllowedProxyHosts is not null)
+                    if (_forwardedHeadersAllowedProxyHostsString is not null)
                     {
                         options.KnownNetworks.Clear();
                         options.KnownProxies.Clear();
-                        foreach (var host in _forwardedHeadersAllowedProxyHosts.Split(new char[] { ';', ',' }))
+                        foreach (var ips in _forwardedHeadersAllowedProxyIPs!)
                         {
-                            // Resolve host to ip
-                            var ips = System.Net.Dns.GetHostAddresses(host);
-                            foreach (var ip in ips)
-                            {
-                                options.KnownProxies.Add(ip);
-                            }
+                            ips.ForEach(ip => options.KnownProxies.Add(ip));
                         }
                     }
                 });
diff --git a/Dockerfile b/Dockerfile
index 21737647..3751dfa7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,6 +12,8 @@ COPY --from=front-build /timeline-app/dist /timeline-app/Timeline/ClientApp
 RUN dotnet publish Timeline/Timeline.csproj --configuration Release --output ./Timeline/publish/ -r linux-x64 --self-contained false
 
 FROM mcr.microsoft.com/dotnet/aspnet:6.0
+ENV ASPNETCORE_URLS=http://+:80
 WORKDIR /app
 COPY --from=back-build /timeline-app/Timeline/publish .
+EXPOSE 80
 ENTRYPOINT ["dotnet", "Timeline.dll"]
-- 
cgit v1.2.3