public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
oauth2-proxy/docs
History
H1net a4d89036ec
fix: handle Unix socket RemoteAddr in IP resolution (#3374) 
* fix: handle Unix socket RemoteAddr in IP resolution

When oauth2-proxy listens on a Unix socket, Go sets RemoteAddr to "@"
instead of the usual "host:port" format. This caused net.SplitHostPort
to fail on every request, flooding logs with errors:

  Error obtaining real IP for trusted IP list: unable to get ip and
  port from http.RemoteAddr (@)

Fix by handling the "@" RemoteAddr at the source in getRemoteIP,
returning nil without error since Unix sockets have no meaningful
client IP. Also simplify the isTrustedIP guard and add a nil check
in GetClientString to prevent calling String() on nil net.IP.

Fixes #3373

Signed-off-by: h1net <ben@freshdevs.com>

* docs: add changelog entry and Unix socket trusted IPs documentation

Add changelog entry for #3374. Document that trusted IPs cannot match
against RemoteAddr for Unix socket listeners since Go sets it to "@",
and that IP-based trust still works via X-Forwarded-For with reverse-proxy.

Signed-off-by: Ben Newbery <ben.newbery@gmail.com>
Signed-off-by: h1net <ben@freshdevs.com>

* doc: fix changelog entry for #3374

Signed-off-by: Jan Larwig <jan@larwig.com>

* doc: add trusted ip a section to versioned docs as well

Signed-off-by: Jan Larwig <jan@larwig.com>

---------

Signed-off-by: h1net <ben@freshdevs.com>
Signed-off-by: Ben Newbery <ben.newbery@gmail.com>
Signed-off-by: Jan Larwig <jan@larwig.com>
Co-authored-by: Jan Larwig <jan@larwig.com>
 		2026-03-23 10:22:36 +01:00
..
docs fix: handle Unix socket RemoteAddr in IP resolution (#3374) 2026-03-23 10:22:36 +01:00
src/css Microsoft Entra ID provider (#2390) 2024-12-31 11:46:13 +00:00
static doc: readme overhaul and azure sponsorship (#2826) 2024-10-27 12:12:46 +00:00
versioned_docs fix: handle Unix socket RemoteAddr in IP resolution (#3374) 2026-03-23 10:22:36 +01:00
versioned_sidebars release v7.15.0 (#3378) 2026-03-19 01:10:21 +08:00
.gitignore docs: restructure all options and flags (#2747) 2024-08-20 10:40:27 +02:00
README.md doc: SourceHut documentation fixes (#3170) 2025-08-20 12:02:32 +02:00
babel.config.js Migrate existing documentation to Docusaurus 2020-11-05 15:36:27 +00:00
docusaurus.config.js doc: cncf onboarding and sponsor update 2026-01-17 11:04:43 +01:00
package.json chore(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.55.0 (#3356) 2026-03-17 21:09:14 +08:00
sidebars.js docs: split integration.md into separate integration guides (#3299) 2026-01-16 09:37:52 +01:00
versions.json release v7.15.0 (#3378) 2026-03-19 01:10:21 +08:00

README.md

Website

This website is built using Docusaurus 2, a modern static website generator.

Installation

npm install

Local Development

npm start

This command starts a local development server and open up a browser window. Most changes are reflected live without having to restart the server.

Build

npm run build

This command generates static content into the build directory and can be served using any static contents hosting service.

Deployment

GIT_USER=<Your GitHub username> USE_SSH=true npm deploy

If you are using GitHub pages for hosting, this command is a convenient way to build the website and push to the gh-pages branch.