From 1318f3498cf32a9b94012a6ae4189894baf899d0 Mon Sep 17 00:00:00 2001
From: Ylian Saint-Hilaire
Date: Mon, 4 Jan 2021 01:50:00 -0800
Subject: [PATCH] Added support for DNS name in TLSOffload and TrustedProxy settings.
---
 webserver.js | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/webserver.js b/webserver.js
index 253394cb..ed35492c 100644
--- a/webserver.js
+++ b/webserver.js
@@ -4909,8 +4909,28 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
 // Setup middleware
 obj.app.engine('handlebars', obj.exphbs({ defaultLayout: null })); // defaultLayout: 'main'
 obj.app.set('view engine', 'handlebars');
- if (obj.args.trustedproxy) { obj.app.set('trust proxy', obj.args.trustedproxy); } // Reverse proxy should add the "X-Forwarded-*" headers
- else if (typeof obj.args.tlsoffload == 'object') { obj.app.set('trust proxy', obj.args.tlsoffload); } // Reverse proxy should add the "X-Forwarded-*" headers
+ if (obj.args.trustedproxy) {
+ // Reverse proxy should add the "X-Forwarded-*" headers
+ try {
+ obj.app.set('trust proxy', obj.args.trustedproxy);
+ } catch (ex) {
+ // If there is an error, try to resolve the string
+ if ((obj.args.trustedproxy.length == 1) && (typeof obj.args.trustedproxy[0] == 'string')) {
+ require('dns').lookup(obj.args.trustedproxy[0], function(err, address, family) { if (err == null) { obj.app.set('trust proxy', address); } });
+ }
+ }
+ }
+ else if (typeof obj.args.tlsoffload == 'object') {
+ // Reverse proxy should add the "X-Forwarded-*" headers
+ try {
+ obj.app.set('trust proxy', obj.args.tlsoffload);
+ } catch (ex) {
+ // If there is an error, try to resolve the string
+ if ((obj.args.tlsoffload.length == 1) && (typeof obj.args.tlsoffload[0] == 'string')) {
+ require('dns').lookup(obj.args.tlsoffload[0], function (err, address, family) { if (err == null) { obj.app.set('trust proxy', address); } });
+ }
+ }
+ }
 obj.app.use(obj.bodyParser.urlencoded({ extended: false }));
 var sessionOptions = {
 name: 'xid', // Recommended security practice to not use the default cookie name
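Review bot: In both `catch (ex)` blocks the value given to `trust proxy` is the single address that one `dns.lookup` call returns at startup, and a failed lookup, a list with more than one entry, or any other exception from `obj.app.set` is dropped without a message, so an operator cannot tell which peer's `X-Forwarded-*` headers the server ends up believing. Since this setting decides whose forwarded client address is trusted, I would log both the resolved address and the failure path, and resolve every record instead of the first by passing `{ all: true }` to `require('dns').lookup` and setting `addrs.map(function (a) { return a.address; })`. The name is resolved only once and the callback runs asynchronously, so requests handled before it completes, or after the proxy's record changes, are evaluated without the intended trust setting; a comment such as `// Resolved once at startup; prefer a literal IP or CIDR for the proxy` would make that limit visible. The two branches are identical apart from the argument name and could share one small helper. The enclosing CreateWebServer function starts and ends outside the hunk.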