Add request.client_ip and USE_X_FORWARDED_FOR setting

davegaeddert · davegaeddert · commit cb0bc5d08fac · 2025-12-01T20:53:14.000-06:00
diff --git a/plain-redirection/plain/redirection/models.py b/plain-redirection/plain/redirection/models.py
@@ -11,13 +11,6 @@
     from plain.http import Request
 
 
-def _get_client_ip(request: Request) -> str | None:
-    if x_forwarded_for := request.headers.get("X-Forwarded-For"):
-        return x_forwarded_for.split(",")[0].strip()
-    else:
-        return request.meta.get("REMOTE_ADDR")
-
-
 @models.register_model
 class Redirect(models.Model):
     from_pattern: str = types.CharField(max_length=255)
@@ -126,7 +119,7 @@ def from_redirect(cls, redirect: Redirect, request: Request) -> RedirectLog:
             from_url=from_url,
             to_url=to_url,
             http_status=redirect.http_status,
-            ip_address=_get_client_ip(request),
+            ip_address=request.client_ip,
             user_agent=request.headers.get("User-Agent", ""),
             referrer=request.headers.get("Referer", ""),
         )
@@ -156,7 +149,7 @@ class NotFoundLog(models.Model):
     def from_request(cls, request: Request) -> NotFoundLog:
         return cls.query.create(
             url=request.build_absolute_uri(),
-            ip_address=_get_client_ip(request),
+            ip_address=request.client_ip,
             user_agent=request.headers.get("User-Agent", ""),
             referrer=request.headers.get("Referer", ""),
         )
diff --git a/plain/plain/http/request.py b/plain/plain/http/request.py
@@ -177,6 +177,21 @@ def port(self) -> str:
             port = self.meta["SERVER_PORT"]
         return str(port)
 
+    @cached_property
+    def client_ip(self) -> str | None:
+        """Return the client's IP address.
+
+        If USE_X_FORWARDED_FOR is True, checks the X-Forwarded-For header first
+        (using the first/leftmost IP). Otherwise returns REMOTE_ADDR directly.
+
+        Only enable USE_X_FORWARDED_FOR when behind a trusted proxy that
+        overwrites the X-Forwarded-For header.
+        """
+        if settings.USE_X_FORWARDED_FOR:
+            if xff := self.headers.get("X-Forwarded-For"):
+                return xff.split(",")[0].strip()
+        return self.meta.get("REMOTE_ADDR")
+
     def get_full_path(self, force_append_slash: bool = False) -> str:
         """
         Return the full path for the request, including query string.
diff --git a/plain/plain/runtime/global_settings.py b/plain/plain/runtime/global_settings.py
@@ -55,10 +55,12 @@
 # you may be opening yourself up to a security risk.
 HTTPS_PROXY_HEADER = None
 
-# Whether to use the X-Forwarded-Host and X-Forwarded-Port headers
-# when determining the host and port for the request.
+# Whether to use the X-Forwarded-Host, X-Forwarded-Port, and X-Forwarded-For
+# headers when determining the host, port, and client IP for the request.
+# Only enable these when behind a trusted proxy that overwrites these headers.
 USE_X_FORWARDED_HOST = False
 USE_X_FORWARDED_PORT = False
+USE_X_FORWARDED_FOR = False
 
 # A secret key for this particular Plain installation. Used in secret-key
 # hashing algorithms. Set this in your settings, or Plain will complain
