Add header_ips config option and fix CI_Input::ip_address() (issue #907) #910

wants to merge 26 commits into


None yet
1 participant

narfbg commented Jan 10, 2012

Changes include:

  • Fixed issue #907 (add $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'] to accepted client IP headers).
  • Fixed auto-trusting of $_SERVER['HTTP_CLIENT_IP'] - this shouldn't happen unless specifically enabled.
  • Changed handling of $config['proxy_ips'] - array() values are now also accepted as well as strings. String lists should probably be deprecated - any thoughts?
  • Added $config['header_ips'] to enable/disable the use of HTTP_X_FORWARDED_FOR, HTTP_CLIENT_IP, HTTP_X_CLUSTER_CLIENT_IP independently from $config['proxy_ips'] (defaults to FALSE).

@narfbg narfbg closed this Oct 6, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment