[TYPO3-core] RFC: Fix bug #7397: Proxy servers replace REMOTE_ADDR with their own IP
Steffen Kamper
steffen at sk-typo3.de
Tue Feb 5 17:29:30 CET 2008
Hi Michael,
"Michael Stucki" <michael at typo3.org> schrieb im Newsbeitrag
news:mailman.1.1202227105.17101.typo3-team-core at lists.netfielders.de...
> This is a SVN patch request.
>
> Problem:
> When requesting the clients REMOTE_ADDR, it can happen that there is a
> proxy
> in between server and client, which replaces the value with his own IP,
> and
> puts the original IP in HTTP_X_FORWARDED_FOR instead.
>
> Solution:
> Add a new configuration option to send HTTP_X_FORWARDED_FOR when
> requesting
> the REMOTE_ADDR.
>
> Branches:
> Trunk only
>
> Bugtracker reference:
> http://bugs.typo3.org/view.php?id=7397
> http://bugs.typo3.org/view.php?id=169 (should also be fixed by this
> change)
>
> Comments:
> I am not sure how to deal with the REMOTE_HOST field. I suppose it must be
> wrong, too, but there seems no replacement for it.
> Currently, I also send HTTP_X_FORWARDED_FOR when asking for REMOTE_HOST,
> however there could be conflicts when a hostname is requested, and an IP
> is
> returned(?)
>
> - michael
good one. But it's no information you can trust on, there are 3
possibilities depending on proxy configuration:
HTTP_X_FORWARDED_FOR = empty
HTTP_X_FORWARDED_FOR = IP of proxy
HTTP_X_FORWARDED_FOR = your IP
vg Steffen
More information about the TYPO3-team-core
mailing list