From 35a5dfc17aa4bb2f22bc27a71b0552ea25d2a21e Mon Sep 17 00:00:00 2001 From: Maximilian Friedersdorff Date: Thu, 11 Dec 2025 21:36:13 +0000 Subject: [PATCH] Add comments --- internal/middleware/reject_anon.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/internal/middleware/reject_anon.go b/internal/middleware/reject_anon.go index c5da2a9..3681d1f 100644 --- a/internal/middleware/reject_anon.go +++ b/internal/middleware/reject_anon.go @@ -18,6 +18,7 @@ type netList []net.IPNet const ipHeader = "x-forwarded-for" +// Check if any IPNet in the netList contains the given IP func (n *netList) Contains(ip net.IP) bool { for _, net := range *n { if contains := net.Contains(ip); contains { @@ -27,6 +28,8 @@ func (n *netList) Contains(ip net.IP) bool { return false } +// Redirect to redirect url any request where the user is anon and the request +// does not appear to come from a safe origin func RejectAnonMiddleware(redirect string, next http.Handler) http.Handler { safeOriginNets := make(netList, 0, len(conf.Conf.AnonCIDRs))