[fix] reduce error logs related to X-Forwarded-For & X-Real-IP headers

To test start a `make run` instance and query multiple times for `ip` (the
answerer), you should see only once the error message(s):

    ERROR   searx.botdetection            : X-Forwarded-For header is not set!
    ERROR   searx.botdetection            : X-Real-IP header is not set!

[1] https://github.com/searxng/searxng-docker/discussions/174
[2] https://github.com/searxng/searxng-docker/pull/162#issuecomment-1692834457

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
Markus Heiser 2023-08-25 09:51:54 +02:00 committed by MatthieuBarbu
parent f75a9aa927
commit cb07e8966e
1 changed files with 11 additions and 2 deletions

View File

@ -58,6 +58,15 @@ def get_network(real_ip: IPv4Address | IPv6Address, cfg: config.Config) -> IPv4N
return network return network
_logged_errors = []
def _log_error_only_once(err_msg):
if err_msg not in _logged_errors:
logger.error(err_msg)
_logged_errors.append(err_msg)
def get_real_ip(request: flask.Request) -> str: def get_real_ip(request: flask.Request) -> str:
"""Returns real IP of the request. Since not all proxies set all the HTTP """Returns real IP of the request. Since not all proxies set all the HTTP
headers and incoming headers can be faked it may happen that the IP cannot headers and incoming headers can be faked it may happen that the IP cannot
@ -93,7 +102,7 @@ def get_real_ip(request: flask.Request) -> str:
# ) # )
if not forwarded_for: if not forwarded_for:
logger.error("X-Forwarded-For header is not set!") _log_error_only_once("X-Forwarded-For header is not set!")
else: else:
from .limiter import get_cfg # pylint: disable=import-outside-toplevel, cyclic-import from .limiter import get_cfg # pylint: disable=import-outside-toplevel, cyclic-import
@ -102,7 +111,7 @@ def get_real_ip(request: flask.Request) -> str:
forwarded_for = forwarded_for[-min(len(forwarded_for), x_for)] forwarded_for = forwarded_for[-min(len(forwarded_for), x_for)]
if not real_ip: if not real_ip:
logger.error("X-Real-IP header is not set!") _log_error_only_once("X-Real-IP header is not set!")
if forwarded_for and real_ip and forwarded_for != real_ip: if forwarded_for and real_ip and forwarded_for != real_ip:
logger.warning("IP from X-Real-IP (%s) is not equal to IP from X-Forwarded-For (%s)", real_ip, forwarded_for) logger.warning("IP from X-Real-IP (%s) is not equal to IP from X-Forwarded-For (%s)", real_ip, forwarded_for)