diff options
| author | Dries Buytaert <dries@buytaert.net> | 2009-03-18 09:21:21 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2009-03-18 09:21:21 +0000 |
| commit | b59c662967c24e4b7946ba740bc5ba63c63eb1e4 (patch) | |
| tree | 9f6cd55e3260782f09fd80f1556939c3f61c3884 /includes | |
| parent | ee2e63d7f9064ae57b3fb91007c53ceddf31ae48 (diff) | |
| download | brdo-b59c662967c24e4b7946ba740bc5ba63c63eb1e4.tar.gz brdo-b59c662967c24e4b7946ba740bc5ba63c63eb1e4.tar.bz2 | |
- Patch #309586 by mr.baileys: IP address from XFF header contains spaces and improved code comments.
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/bootstrap.inc | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc index a73a969b4..3a18ec71b 100644 --- a/includes/bootstrap.inc +++ b/includes/bootstrap.inc @@ -1351,10 +1351,11 @@ function ip_address($reset = FALSE) { // the XFF header if request really comes from one of them. $reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array()); if (!empty($reverse_proxy_addresses) && in_array($ip_address, $reverse_proxy_addresses, TRUE)) { - // If there are several arguments, we need to check the most - // recently added one, i.e. the last one. + // The "X-Forwarded-For" header is a comma+space separated list of IP addresses, + // the left-most being the farthest downstream client. If there is more than + // one proxy, we are interested in the most recent one (i.e. last one in the list). $ip_address_parts = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); - $ip_address = array_pop($ip_address_parts); + $ip_address = trim(array_pop($ip_address_parts)); } } |