[TYPO3-core] RFC: Fix bug #7397: Proxy servers replace REMOTE_ADDR with their own IP
Oliver Hader
oh at inpublica.de
Tue Feb 5 17:27:07 CET 2008
Hi Michael,
Michael Stucki schrieb:
> This is a SVN patch request.
>
> Problem:
> When requesting the clients REMOTE_ADDR, it can happen that there is a proxy
> in between server and client, which replaces the value with his own IP, and
> puts the original IP in HTTP_X_FORWARDED_FOR instead.
>
> Solution:
> Add a new configuration option to send HTTP_X_FORWARDED_FOR when requesting
> the REMOTE_ADDR.
>
> Branches:
> Trunk only
>
> Bugtracker reference:
> http://bugs.typo3.org/view.php?id=7397
> http://bugs.typo3.org/view.php?id=169 (should also be fixed by this change)
>
> Comments:
> I am not sure how to deal with the REMOTE_HOST field. I suppose it must be
> wrong, too, but there seems no replacement for it.
> Currently, I also send HTTP_X_FORWARDED_FOR when asking for REMOTE_HOST,
> however there could be conflicts when a hostname is requested, and an IP is
> returned(?)
I also don't know how to deal this. I can also happen, that a local IP
address is returned, such as '192.168.2.34' which cannot be resolved.
Another thing is, when a session has an IP lock and accesses over a
proxy - the "real" IP to identify would then be
'<remote_addr>+<http_x_forwared_for>'. Hm...
olly
--
Oliver Hader
http://inpublica.de/
More information about the TYPO3-team-core
mailing list