Permalink
Browse files

Accounting for HTTP_X_FORWARDED_FOR when getting REMOTE_ADDR

  • Loading branch information...
1 parent 986c4c7 commit a8a667bec9c016dc5c19574b936303dfd0768d24 @mariano mariano committed May 15, 2012
Showing with 25 additions and 1 deletion.
  1. +6 −1 action/Request.php
  2. +19 −0 tests/cases/action/RequestTest.php
View
@@ -246,7 +246,12 @@ public function env($key) {
$this->_env[$key] = $val;
if ($key == 'REMOTE_ADDR') {
- $val = ($addr = $this->env('HTTP_PC_REMOTE_ADDR')) ? $addr : $val;
+ foreach(array('HTTP_X_FORWARDED_FOR', 'HTTP_PC_REMOTE_ADDR') as $altKey) {
+ if ($addr = $this->env($altKey)) {
+ $val = $addr;
+ break;
+ }
+ }
}
if ($val !== null && $val !== false && $key !== 'HTTPS') {
@@ -122,6 +122,25 @@ public function testHttpsFromScriptUri() {
public function testRemoteAddr() {
$request = new Request(array('env' => array('REMOTE_ADDR' => '123.456.789.000')));
$this->assertEqual('123.456.789.000', $request->env('REMOTE_ADDR'));
+
+ $request = new Request(array('env' => array(
+ 'REMOTE_ADDR' => '123.456.789.000',
+ 'HTTP_X_FORWARDED_FOR' => '111.222.333.444'
+ )));
+ $this->assertEqual('111.222.333.444', $request->env('REMOTE_ADDR'));
+
+ $request = new Request(array('env' => array(
+ 'REMOTE_ADDR' => '123.456.789.000',
+ 'HTTP_PC_REMOTE_ADDR' => '222.333.444.555'
+ )));
+ $this->assertEqual('222.333.444.555', $request->env('REMOTE_ADDR'));
+
+ $request = new Request(array('env' => array(
+ 'REMOTE_ADDR' => '123.456.789.000',
+ 'HTTP_X_FORWARDED_FOR' => '111.222.333.444',
+ 'HTTP_PC_REMOTE_ADDR' => '222.333.444.555'
+ )));
+ $this->assertEqual('111.222.333.444', $request->env('REMOTE_ADDR'));
}
public function testRemoteAddrFromHttpPcRemoteAddr() {

0 comments on commit a8a667b

Please sign in to comment.