util forward headers on startup api (#14246)

2025-07-08 10:44:23 -04:00 · 2025-06-09 04:52:48 +03:00 · 2025-06-09 04:52:48 +03:00 · a8601b3797
commit a8601b3797
parent 1e9e4ffda9
2 changed files with 33 additions and 22 deletions
--- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@ -116,26 +116,7 @@ namespace Jellyfin.Server.Extensions
                .AddTransient<ICorsPolicyProvider, CorsPolicyProvider>()
                .Configure<ForwardedHeadersOptions>(options =>
                {
-                    // https://github.com/dotnet/aspnetcore/blob/master/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs
-                    // Enable debug logging on Microsoft.AspNetCore.HttpOverrides.ForwardedHeadersMiddleware to help investigate issues.
-
-                    if (config.KnownProxies.Length == 0)
-                    {
-                        options.ForwardedHeaders = ForwardedHeaders.None;
-                        options.KnownNetworks.Clear();
-                        options.KnownProxies.Clear();
-                    }
-                    else
-                    {
-                        options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedHost;
-                        AddProxyAddresses(config, config.KnownProxies, options);
-                    }
-
-                    // Only set forward limit if we have some known proxies or some known networks.
-                    if (options.KnownProxies.Count != 0 || options.KnownNetworks.Count != 0)
-                    {
-                        options.ForwardLimit = null;
-                    }
+                    ConfigureForwardHeaders(config, options);
                })
                .AddMvc(opts =>
                {
@ -183,6 +164,30 @@ namespace Jellyfin.Server.Extensions
            return mvcBuilder.AddControllersAsServices();
        }

+        internal static void ConfigureForwardHeaders(NetworkConfiguration config, ForwardedHeadersOptions options)
+        {
+            // https://github.com/dotnet/aspnetcore/blob/master/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs
+            // Enable debug logging on Microsoft.AspNetCore.HttpOverrides.ForwardedHeadersMiddleware to help investigate issues.
+
+            if (config.KnownProxies.Length == 0)
+            {
+                options.ForwardedHeaders = ForwardedHeaders.None;
+                options.KnownNetworks.Clear();
+                options.KnownProxies.Clear();
+            }
+            else
+            {
+                options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedHost;
+                AddProxyAddresses(config, config.KnownProxies, options);
+            }
+
+            // Only set forward limit if we have some known proxies or some known networks.
+            if (options.KnownProxies.Count != 0 || options.KnownNetworks.Count != 0)
+            {
+                options.ForwardLimit = null;
+            }
+        }
+
        /// <summary>
        /// Adds Swagger to the service collection.
        /// </summary>
--- a/Jellyfin.Server/ServerSetupApp/SetupServer.cs
+++ b/Jellyfin.Server/ServerSetupApp/SetupServer.cs
@ -10,6 +10,7 @@ using System.Threading.Tasks;
 using Emby.Server.Implementations.Configuration;
 using Emby.Server.Implementations.Serialization;
 using Jellyfin.Networking.Manager;
+using Jellyfin.Server.Extensions;
 using MediaBrowser.Common.Configuration;
 using MediaBrowser.Common.Net;
 using MediaBrowser.Controller;
@ -18,6 +19,7 @@ using MediaBrowser.Model.System;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Diagnostics.HealthChecks;
@ -138,19 +140,23 @@ public sealed class SetupServer : IDisposable

        ThrowIfDisposed();
        var retryAfterValue = TimeSpan.FromSeconds(5);
+        var config = _configurationManager.GetNetworkConfiguration()!;
        _startupServer = Host.CreateDefaultBuilder()
            .UseConsoleLifetime()
            .ConfigureServices(serv =>
            {
                serv.AddHealthChecks()
                    .AddCheck<SetupHealthcheck>("StartupCheck");
+                serv.Configure<ForwardedHeadersOptions>(options =>
+                {
+                    ApiServiceCollectionExtensions.ConfigureForwardHeaders(config, options);
+                });
            })
            .ConfigureWebHostDefaults(webHostBuilder =>
                    {
                        webHostBuilder
                                .UseKestrel((builderContext, options) =>
                                {
-                                    var config = _configurationManager.GetNetworkConfiguration()!;
                                    var knownBindInterfaces = NetworkManager.GetInterfacesCore(_loggerFactory.CreateLogger<SetupServer>(), config.EnableIPv4, config.EnableIPv6);
                                    knownBindInterfaces = NetworkManager.FilterBindSettings(config, knownBindInterfaces.ToList(), config.EnableIPv4, config.EnableIPv6);
                                    var bindInterfaces = NetworkManager.GetAllBindInterfaces(false, _configurationManager, knownBindInterfaces, config.EnableIPv4, config.EnableIPv6);
@ -168,7 +174,7 @@ public sealed class SetupServer : IDisposable
                                .Configure(app =>
                                {
                                    app.UseHealthChecks("/health");
-
+                                    app.UseForwardedHeaders();
                                    app.Map("/startup/logger", loggerRoute =>
                                    {
                                        loggerRoute.Run(async context =>