diff options
| author |   mkanat%bugzilla.org <> | 2009-12-31 12:53:19 +0000 |
|---|---|---|
| committer | mkanat%bugzilla.org <> | 2009-12-31 12:53:19 +0000 |
| commit | 8d2b07ea05e895f040d1805221135bfb68dc7f7c (patch) | |
| tree | 0e7abffa238bf380bd944971915c247773abd93a /Bugzilla/Util.pm | |
| parent | Bug 520318: Add remove_from_db to Bugzilla:Group and use it to delete groups ... (diff) | |
| download | bugzilla-8d2b07ea05e895f040d1805221135bfb68dc7f7c.tar.gz bugzilla-8d2b07ea05e895f040d1805221135bfb68dc7f7c.tar.bz2 bugzilla-8d2b07ea05e895f040d1805221135bfb68dc7f7c.zip | |
Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxies
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
Diffstat (limited to 'Bugzilla/Util.pm')
| -rw-r--r-- | Bugzilla/Util.pm | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 00f9b0a05..ca2506ffa 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -35,7 +35,7 @@ use base qw(Exporter); detaint_signed html_quote url_quote xml_quote css_class_quote html_light_quote url_decode - i_am_cgi correct_urlbase + i_am_cgi correct_urlbase remote_ip lsearch do_ssl_redirect_if_required use_attachbase diff_arrays trim wrap_hard wrap_comment find_wrap_point @@ -54,6 +54,7 @@ use DateTime; use DateTime::TimeZone; use Digest; use Email::Address; +use List::Util qw(first); use Scalar::Util qw(tainted); use Template::Filters; use Text::Wrap; @@ -289,6 +290,15 @@ sub correct_urlbase { } } +sub remote_ip { + my $ip = $ENV{'REMOTE_ADDR'} || '127.0.0.1'; + my @proxies = split(/[\s,]+/, Bugzilla->params->{'inbound_proxies'}); + if (first { $_ eq $ip } @proxies) { + $ip = $ENV{'HTTP_X_FORWARDED_FOR'} if $ENV{'HTTP_X_FORWARDED_FOR'}; + } + return $ip; +} + sub use_attachbase { my $attachbase = Bugzilla->params->{'attachment_base'}; return ($attachbase ne '' |