From e36fb6fee3acab168fc2e0ea45410027a5f8f295 Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Thu, 6 May 2021 00:30:37 -0500
Subject: [PATCH] /status: show HTTP request headers and client IP.

Show the HTTP request headers and the client IP on the /status page.
This is for debugging request headers added by reverse proxies such as
Cloudflare and Nginx, and for making sure the client IP is correctly set
by the X-Forwarded-For header.
---
 app/controllers/status_controller.rb |  2 +-
 app/logical/server_status.rb         | 16 ++++++++++++++++
 app/views/status/show.html.erb       |  9 +++++++++
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/app/controllers/status_controller.rb b/app/controllers/status_controller.rb
index 4cd509491..ea4517f2c 100644
--- a/app/controllers/status_controller.rb
+++ b/app/controllers/status_controller.rb
@@ -2,7 +2,7 @@ class StatusController < ApplicationController
   respond_to :html, :json, :xml
 
   def show
-    @status = ServerStatus.new
+    @status = ServerStatus.new(request)
     respond_with(@status)
   end
 end
diff --git a/app/logical/server_status.rb b/app/logical/server_status.rb
index 6076e3cd0..7d8477264 100644
--- a/app/logical/server_status.rb
+++ b/app/logical/server_status.rb
@@ -3,8 +3,16 @@ class ServerStatus
   include ActiveModel::Serializers::JSON
   include ActiveModel::Serializers::Xml
 
+  attr_reader :request
+
+  def initialize(request)
+    @request = request
+  end
+
   def serializable_hash(options = {})
     {
+      ip: request.remote_ip,
+      headers: http_headers,
       status: {
         hostname: hostname,
         uptime: uptime,
@@ -29,6 +37,14 @@ class ServerStatus
   end
 
   concerning :InfoMethods do
+    def http_headers
+      headers = request.headers.env.select { |key| key.starts_with?("HTTP_") }
+      headers = headers.transform_keys { |key| key.delete_prefix("HTTP_").titleize.tr(" ", "-") }
+      headers = headers.except("Cookie")
+      headers = headers.reject { |k, v| v.blank? }
+      headers
+    end
+
     def hostname
       Socket.gethostname
     end
diff --git a/app/views/status/show.html.erb b/app/views/status/show.html.erb
index ebbd05868..39d29216d 100644
--- a/app/views/status/show.html.erb
+++ b/app/views/status/show.html.erb
@@ -34,5 +34,14 @@
 
       <%= render "list", hash: @status.serializable_hash[:redis][:info] %>
     </details>
+
+    <h2>Request</h2>
+
+    <details>
+      <summary>
+        IP: <%= @status.request.remote_ip %>
+      </summary>
+      <%= render "list", hash: @status.serializable_hash[:headers] %>
+    </details>
   </div>
 </div>