Add X-Forwarded-For support in SHOUTcast 2

Ask questions, request features, or just complement us about our software and services.
Post Reply
hdprene
Posts: 48
Joined: Thu Jul 30, 2015 9:27 am
Contact:

Add X-Forwarded-For support in SHOUTcast 2

Post by hdprene »

HI Jay I've also sent you a private message with some extra details. Main point is that a correct listeners list in radio toolbox, using reverse proxy (Apache 2.4) needs an adjustment in its shoutcast database seek options. If a listener has a xff line in the shoutcast database then the RB seek tool should take that IP address in stead of the one in hostname. Because the XFF IP address is from the real listener. I really hope this adjustment is possible for you to produce and write.

<LISTENER>
<HOSTNAME>111.222.333.444</HOSTNAME>
<USERAGENT>Nullsoft Winamp3 version 3.0 (compatible)</USERAGENT>
<CONNECTTIME>2929</CONNECTTIME>
<UID>6377</UID>
<TYPE>524289</TYPE>
<REFERER/>
<XFF>555.666.777.888</XFF>
<GRID>6377</GRID>
<TRIGGERS>0</TRIGGERS>
</LISTENER>

P.s. Though it says sent .My private message kept into the outbox in stead of set messages Is that correct?

Best Regards, René Dussen

User avatar
Jay
Will work for food (Administrator)
Posts: 2919
Joined: Mon Jan 14, 2002 12:48 am
Location: Next Door
Contact:

Re: Add X-Forwarded-For support in SHOUTcast 2

Post by Jay »

Hi René,

Yep, this shouldn't be hard to accomplish. I think the only challenge will be providing a preference for users that makes sense because you would want to mark the server as being behind a reverse proxy so people can't just spoof Radio Toolbox with fake IPs using the X-Forwarded-For header.

Let me think on it. I am leaning toward making it a flag per server. Perhaps you can right click a server and set it as being behind a reverse proxy? Definitely shouldn't take the XFF tag by default though.

Are there any other items in the sheet that indicate that SHOUTcast knows it's behind a reverse proxy? That could make it more automated potentially.
- Jay

hdprene
Posts: 48
Joined: Thu Jul 30, 2015 9:27 am
Contact:

Re: Add X-Forwarded-For support in SHOUTcast 2

Post by hdprene »

Hi Jay! Thank you very much for your fast answer! I ran into this due to the help of my brother. The goal was to upgrade my radio station website into a https one against minimal costs. Buying a standard TSL/SLL certificate were the only costs in mind. I'm happy to tell you that my "bro" is successful! I wanted this https upgrade because the chromium upgrade from last February gave in almost all browser a huge downgrade; "not save!" Tunein.com even blocked mine all other streams since they weren't https. Recently they made a temporary extra popup player to overcome the issue but it didn't work here. We are in the end-phase of testing now. The problem was that, in my case, both streams and playlist actually do come from another IP address, so a standard ssl certificate fot th site could never be a realistic option.

But t answer your question comparing the Shoutcast (admin) logfiles only brings the a difference having a XFF line or not. And as far as I'm concerned any viewable solution like a flag would be a wonderful Radio Tool Box addition to have!

Best Regards,
René

hdprene
Posts: 48
Joined: Thu Jul 30, 2015 9:27 am
Contact:

Re: Add X-Forwarded-For support in SHOUTcast 2

Post by hdprene »

Hi Jay!
You asked ...Are there any other items in the sheet that indicate that SHOUTcast knows it's behind a reverse proxy? That could make it more automated potentially...??

Yes the other item is that if there is a XFF line, the hostname line is always filled with MY IP address

Post Reply