diff --git a/common/ASC.Common/Utils/HttpRequestExtensions.cs b/common/ASC.Common/Utils/HttpRequestExtensions.cs
index 2c4da13387..83c3f667e7 100644
--- a/common/ASC.Common/Utils/HttpRequestExtensions.cs
+++ b/common/ASC.Common/Utils/HttpRequestExtensions.cs
@@ -179,11 +179,6 @@ public static class HttpRequestExtensions
 return !string.IsNullOrEmpty(request.Headers[HeaderNames.UserAgent]) && (request.Headers[HeaderNames.UserAgent].Contains("iOS") || request.Headers[HeaderNames.UserAgent].Contains("Android"));
 }
- public static string GetUserHostAddress(this HttpRequest request)
- {
- return request.HttpContext.Features.Get()?.RemoteIpAddress?.ToString();
- }
-
 private static Uri ParseRewriterUrl(string s)
 {
 if (string.IsNullOrEmpty(s))
diff --git a/common/ASC.Core.Common/Context/SecurityContext.cs b/common/ASC.Core.Common/Context/SecurityContext.cs
index d2b178cd7c..780599ee09 100644
--- a/common/ASC.Core.Common/Context/SecurityContext.cs
+++ b/common/ASC.Core.Common/Context/SecurityContext.cs
@@ -111,7 +111,7 @@ public class SecurityContext
 ArgumentNullException.ThrowIfNull(request);
- ipFrom = "from " + (request.Headers["X-Forwarded-For"].ToString() ?? request.GetUserHostAddress());
+ ipFrom = "from " + _httpContextAccessor?.HttpContext.Connection.RemoteIpAddress;
 address = "for " + request.GetUrlRewriter();
 }
 _logger.InformationEmptyBearer(ipFrom, address);
@@ -127,7 +127,7 @@ public class SecurityContext
 ArgumentNullException.ThrowIfNull(request);
 address = "for " + request.GetUrlRewriter();
- ipFrom = "from " + (request.Headers["X-Forwarded-For"].ToString() ?? request.GetUserHostAddress());
+ ipFrom = "from " + _httpContextAccessor?.HttpContext.Connection.RemoteIpAddress;
 }
 _logger.WarningCanNotDecrypt(cookie, ipFrom, address);
diff --git a/common/ASC.Core.Common/GeolocationHelper.cs b/common/ASC.Core.Common/GeolocationHelper.cs
index 917f847ca6..7f68caa146 100644
--- a/common/ASC.Core.Common/GeolocationHelper.cs
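Review bot: In SecurityContext.cs the logged address now comes from `Connection.RemoteIpAddress`, which is the real client address only when the forwarded-headers middleware (`UseForwardedHeaders` with `ForwardedHeadersOptions.KnownProxies`/`KnownNetworks`) is configured for whatever reverse proxy sits in front of the service; that configuration is not visible in this diff. Without it every request is attributed to the proxy, which matters more in the later hunks that use the same value for IP restrictions (IPSecurity.cs), the per-address key in `CheckCache` (PaymentsController.cs, BaseSettingsController.cs), reCAPTCHA validation (UserController.cs) and the addresses returned by MessageSettings.cs and CookieStorage.cs. Separately, `_httpContextAccessor?.HttpContext.Connection` guards only the accessor; `_httpContextAccessor?.HttpContext?.Connection.RemoteIpAddress` would also cover a null `HttpContext`. Both SecurityContext hunks carry the same line, and the enclosing method starts and ends outside them.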
+++ b/common/ASC.Core.Common/GeolocationHelper.cs
@@ -78,10 +78,13 @@ public class GeolocationHelper
 {
 if (_httpContextAccessor.HttpContext?.Request != null)
 {
- var ip = (string)(_httpContextAccessor.HttpContext.Items["X-Forwarded-For"] ?? _httpContextAccessor.HttpContext.Items["REMOTE_ADDR"]);
- if (!string.IsNullOrWhiteSpace(ip))
+ var ip = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress;
+
+ if (ip != IPAddress.Loopback)
 {
- return GetIPGeolocation(ip);
+ _logger.DebugRemoteIpAddress(ip.ToString());
+
+ return GetIPGeolocation(ip.ToString());
 }
 }
diff --git a/common/ASC.Core.Common/Log/GeolocationHelperLogger.cs b/common/ASC.Core.Common/Log/GeolocationHelperLogger.cs
index ece6d33741..c912da46f8 100644
--- a/common/ASC.Core.Common/Log/GeolocationHelperLogger.cs
+++ b/common/ASC.Core.Common/Log/GeolocationHelperLogger.cs
@@ -27,6 +27,9 @@ namespace ASC.Core.Common.Log;
 internal static partial class GeolocationHelperLogger
 {
+ [LoggerMessage(Level = LogLevel.Error, Message = "This is remote ip address {remoteIp}")]
+ public static partial void DebugRemoteIpAddress(this ILogger logger, string remoteIp);
+
 [LoggerMessage(Level = LogLevel.Error, Message = "GetIPGeolocation")]
 public static partial void ErrorGetIPGeolocation(this ILogger logger, Exception exception);
diff --git a/common/ASC.Core.Common/Security/Authentication/CookieStorage.cs b/common/ASC.Core.Common/Security/Authentication/CookieStorage.cs
index 2b9e1aa3d8..ccb93b908a 100644
--- a/common/ASC.Core.Common/Security/Authentication/CookieStorage.cs
+++ b/common/ASC.Core.Common/Security/Authentication/CookieStorage.cs
@@ -166,8 +166,7 @@ public class CookieStorage
 {
 if (_httpContext?.Request != null)
 {
- var forwarded = _httpContext.Request.Headers["X-Forwarded-For"].ToString();
- data = string.IsNullOrEmpty(forwarded) ? _httpContext.Request.GetUserHostAddress() : forwarded.Split(':')[0];
+ data = _httpContext.Connection.RemoteIpAddress.ToString();
 }
 }
 catch { }
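Review bot: In GeolocationHelper.cs the test `ip != IPAddress.Loopback` compares object references, because `IPAddress` overrides `Equals` but, as far as I know, defines no `!=` operator. The condition is therefore true for essentially any address the connection reports, including 127.0.0.1, `::1` and `::ffff:127.0.0.1`. `RemoteIpAddress` can also be null, in which case the condition passes and `ip.ToString()` throws. I would write the guard as `if (ip != null && !IPAddress.IsLoopback(ip))`. The enclosing method starts and ends outside the hunk.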
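Review bot: `DebugRemoteIpAddress` in GeolocationHelperLogger.cs is declared with `Level = LogLevel.Error`, so the call added in GeolocationHelper.cs writes the client address to the error log on each lookup that reaches it. The method name suggests the intended level is Debug: `[LoggerMessage(Level = LogLevel.Debug, Message = "This is remote ip address {remoteIp}")]`. Client addresses are personal data in many deployments, so keeping them out of default-level logs also limits what log retention has to cover.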
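Review bot: `_httpContext.Connection.RemoteIpAddress.ToString()` in CookieStorage.cs dereferences a property that can be null, and the empty `catch { }` after it hides the resulting exception, leaving `data` at whatever value it held before. `data = _httpContext.Connection.RemoteIpAddress?.ToString();` makes the missing-address case explicit instead of relying on the swallowed exception. The same unguarded `.RemoteIpAddress.ToString()` appears in IPSecurity.cs, MessageSettings.cs, UserController.cs, PaymentsController.cs and BaseSettingsController.cs, where no handler is visible in the hunks. The try block starts outside this hunk.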
diff --git a/common/ASC.IPSecurity/Utils/IPSecurity.cs b/common/ASC.IPSecurity/Utils/IPSecurity.cs
index 01581cd960..2091a8dcca 100644
--- a/common/ASC.IPSecurity/Utils/IPSecurity.cs
+++ b/common/ASC.IPSecurity/Utils/IPSecurity.cs
@@ -98,7 +98,7 @@ public class IPSecurity
 if (string.IsNullOrWhiteSpace(requestIps))
 {
 var request = _httpContextAccessor.HttpContext.Request;
- requestIps = request.Headers["X-Forwarded-For"].FirstOrDefault() ?? request.GetUserHostAddress();
+ requestIps = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString();
 }
 var ips = string.IsNullOrWhiteSpace(requestIps)
diff --git a/common/ASC.MessagingSystem/Core/MessageSettings.cs b/common/ASC.MessagingSystem/Core/MessageSettings.cs
index 69075d1d2c..826b4d32bc 100644
--- a/common/ASC.MessagingSystem/Core/MessageSettings.cs
+++ b/common/ASC.MessagingSystem/Core/MessageSettings.cs
@@ -77,11 +77,7 @@ public class MessageSettings
 {
 if (request != null)
 {
- var str = request.Headers[ForwardedHeader].FirstOrDefault() ?? request.GetUserHostAddress();
- if (str != null)
- {
- return str.Substring(0, str.IndexOf(':') != -1 ? str.IndexOf(':') : str.Length);
- }
+ return request.HttpContext.Connection.RemoteIpAddress.ToString();
 }
 return null;
 }
diff --git a/products/ASC.People/Server/Api/UserController.cs b/products/ASC.People/Server/Api/UserController.cs
index 0ea83b6b5f..8db1586836 100644
--- a/products/ASC.People/Server/Api/UserController.cs
+++ b/products/ASC.People/Server/Api/UserController.cs
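Review bot: The string built in IPSecurity.cs feeds the IP restriction check, and `RemoteIpAddress.ToString()` yields the `::ffff:a.b.c.d` form when the listener is dual-stack. That form would not match restrictions stored as plain IPv4 if the comparison, which lies outside the hunk, is textual. Normalising first avoids this: `var remote = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress;` followed by `requestIps = (remote is { IsIPv4MappedToIPv6: true } ? remote.MapToIPv4() : remote)?.ToString();`. The local `request` on the preceding context line looks unused after this change unless later code reads it.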
@@ -1251,7 +1251,7 @@ public class UserController : PeopleControllerBase
 if (!SetupInfo.IsSecretEmail(inDto.Email) && !string.IsNullOrEmpty(_setupInfo.RecaptchaPublicKey) && !string.IsNullOrEmpty(_setupInfo.RecaptchaPrivateKey))
 {
- var ip = Request.Headers["X-Forwarded-For"].ToString() ?? Request.GetUserHostAddress();
+ var ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress.ToString();
 if (string.IsNullOrEmpty(inDto.RecaptchaResponse) || !await _recaptcha.ValidateRecaptchaAsync(inDto.RecaptchaResponse, ip))
diff --git a/web/ASC.Web.Api/Api/PaymentsController.cs b/web/ASC.Web.Api/Api/PaymentsController.cs
index 4477b1e780..2ba09b5885 100644
--- a/web/ASC.Web.Api/Api/PaymentsController.cs
+++ b/web/ASC.Web.Api/Api/PaymentsController.cs
@@ -179,7 +179,8 @@ public class PaymentController : ControllerBase
 internal void CheckCache(string basekey)
 {
- var key = _httpContextAccessor.HttpContext.Request.GetUserHostAddress() + basekey;
+ var key = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString() + basekey;
+
 if (_memoryCache.TryGetValue(key, out var count))
 {
 if (count > _maxCount)
diff --git a/web/ASC.Web.Api/Api/Settings/BaseSettingsController.cs b/web/ASC.Web.Api/Api/Settings/BaseSettingsController.cs
index 9ad6c4cc08..6a1eead02a 100644
--- a/web/ASC.Web.Api/Api/Settings/BaseSettingsController.cs
+++ b/web/ASC.Web.Api/Api/Settings/BaseSettingsController.cs
@@ -55,7 +55,7 @@ public partial class BaseSettingsController : ControllerBase
 internal void CheckCache(string basekey)
 {
- var key = _httpContextAccessor.HttpContext.Request.GetUserHostAddress() + basekey;
+ var key = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString() + basekey;
 if (MemoryCache.TryGetValue(key, out var count))
 {
 if (count > _maxCount)