Improper Output Neutralization for Logs

Summary

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can supply "X-Forwarded-For" or "X-Real-IP headers" which get accepted unconditionally by "get_client_ip()" in "docker/main.cc", causing access and error logs (nginx_access_logger / nginx_error_logger) to record spoofed client IPs (log poisoning / audit evasion). This vulnerability is fixed in 0.27.0.