Commit bc484461 authored by David_Rothstein's avatar David_Rothstein

Issue #1327728 by Darren Oh, Josh Waihi, cspitzlay, c960657: ip_address()...

Issue #1327728 by Darren Oh, Josh Waihi, cspitzlay, c960657: ip_address() fails when client request IP and proxy IP are the same
parent 90cff29b
......@@ -45,6 +45,8 @@ Drupal 7.50, xxxx-xx-xx (development version)
User module (minor data structure change). Previously this automatically
inherited the page callback from the parent "admin/people" menu item, which
broke contributed modules that override the "admin/people" page.
- Fixed a bug which caused ip_address() to return nothing when the client IP
address and proxy IP address are the same.
Drupal 7.44, 2016-06-15
-----------------------
......
......@@ -2963,8 +2963,15 @@ function ip_address() {
// Eliminate all trusted IPs.
$untrusted = array_diff($forwarded, $reverse_proxy_addresses);
// The right-most IP is the most specific we can trust.
$ip_address = array_pop($untrusted);
if (!empty($untrusted)) {
// The right-most IP is the most specific we can trust.
$ip_address = array_pop($untrusted);
}
else {
// All IP addresses in the forwarded array are configured proxy IPs
// (and thus trusted). We take the leftmost IP.
$ip_address = array_shift($forwarded);
}
}
}
}
......
......@@ -70,6 +70,15 @@ class BootstrapIPAddressTestCase extends DrupalWebTestCase {
'Proxy forwarding with trusted proxy got forwarded IP address.'
);
// Proxy forwarding on and proxy address trusted and visiting from proxy.
$_SERVER['REMOTE_ADDR'] = $this->proxy_ip;
$_SERVER['HTTP_X_FORWARDED_FOR'] = $this->proxy_ip;
drupal_static_reset('ip_address');
$this->assertTrue(
ip_address() == $this->proxy_ip,
'Visiting from trusted proxy got proxy IP address.'
);
// Multi-tier architecture with comma separated values in header.
$_SERVER['REMOTE_ADDR'] = $this->proxy_ip;
$_SERVER['HTTP_X_FORWARDED_FOR'] = implode(', ', array($this->untrusted_ip, $this->forwarded_ip, $this->proxy2_ip));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment