From e99e24cb04fe788e6fb6a1847e2e89a1545032df Mon Sep 17 00:00:00 2001
From: Nicolas
Date: Sat, 13 Jun 2026 17:37:45 +0200
Subject: [PATCH] fix: stop trusting all proxies by default in docker app.ini templates

The Docker app.ini templates hard-coded REVERSE_PROXY_TRUSTED_PROXIES = *, so with ENABLE_REVERSE_PROXY_AUTHENTICATION enabled any source IP reaching the container could impersonate any user via the X-WEBAUTH-USER header. Align the templates with the documented loopback-only default (127.0.0.0/8,::1/128), matching app.example.ini and the in-code default.

Assisted-by: Claude:claude-opus-4-8
---
 docker/root/etc/templates/app.ini | 2 --
 docker/rootless/etc/templates/app.ini | 2 --
 2 files changed, 4 deletions(-)

diff --git a/docker/root/etc/templates/app.ini b/docker/root/etc/templates/app.ini
index 01fb407f495..1794d1f128c 100644
--- a/docker/root/etc/templates/app.ini
+++ b/docker/root/etc/templates/app.ini
@@ -51,8 +51,6 @@ ROOT_PATH = /data/gitea/log
 [security]
 INSTALL_LOCK = $INSTALL_LOCK
 SECRET_KEY = $SECRET_KEY
-REVERSE_PROXY_LIMIT = 1
-REVERSE_PROXY_TRUSTED_PROXIES = *
 
 [service]
 DISABLE_REGISTRATION = $DISABLE_REGISTRATION
diff --git a/docker/rootless/etc/templates/app.ini b/docker/rootless/etc/templates/app.ini
index 0057635062c..0357e6aa1f6 100644
--- a/docker/rootless/etc/templates/app.ini
+++ b/docker/rootless/etc/templates/app.ini
@@ -48,8 +48,6 @@ ROOT_PATH = $GITEA_WORK_DIR/data/log
 [security]
 INSTALL_LOCK = $INSTALL_LOCK
 SECRET_KEY = $SECRET_KEY
-REVERSE_PROXY_LIMIT = 1
-REVERSE_PROXY_TRUSTED_PROXIES = *
 
 [service]
 DISABLE_REGISTRATION = $DISABLE_REGISTRATION
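Review bot: The `[security]` section now says nothing about trusted proxies, yet the typical Docker topology has the reverse proxy reaching Gitea over the bridge network rather than loopback, so with the loopback-only fallback X-Forwarded-For/X-Real-IP and X-WEBAUTH-USER from that proxy will be ignored until the operator sets `GITEA__security__REVERSE_PROXY_TRUSTED_PROXIES`, and nothing in either template points them there. A commented hint at the spot where the two lines were removed would make the secure default discoverable without reintroducing `*`, e.g. `; Proxy headers are only honoured from REVERSE_PROXY_TRUSTED_PROXIES (default 127.0.0.0/8,::1/128);` followed by `; set it to your proxy's address or network, never to *, when the proxy runs in another container.`. If, as the entrypoint scripts suggest, the template is only rendered when no app.ini exists yet, existing deployments keep the old `*` and should be told to edit it in a release note. Assuming the in-code default for REVERSE_PROXY_LIMIT is also 1, dropping that line is a no-op, which is worth stating so reviewers do not read it as a second behaviour change; the same remarks apply to the rootless template hunk.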