Skip to content
This repository has been archived by the owner on Jan 25, 2021. It is now read-only.
Permalink
Browse files Browse the repository at this point in the history
Better check for local environments
  • Loading branch information
bastianallgeier committed Dec 1, 2020
1 parent 5a569d4 commit 7f9ac18
Showing 1 changed file with 41 additions and 7 deletions.
48 changes: 41 additions & 7 deletions app/src/panel.php
Expand Up @@ -493,13 +493,47 @@ public function license() {
}

public function isLocal() {
$localhosts = array('::1', '127.0.0.1', '0.0.0.0');
return (
in_array(server::get('SERVER_ADDR'), $localhosts) ||
server::get('SERVER_NAME') == 'localhost' ||
str::endsWith(server::get('SERVER_NAME'), '.localhost') ||
str::endsWith(server::get('SERVER_NAME'), '.test')
);

$host = server::get('SERVER_NAME');
$ip = server::get('SERVER_ADDR');

if ($host === 'localhost') {
return true;
}

if (str::endsWith($host, '.localhost') === true) {
return true;
}

if (str::endsWith($host, '.local') === true) {
return true;
}

if (str::endsWith($host, '.test') === true) {
return true;
}

if (in_array($ip, ['::1', '127.0.0.1']) === true) {

if (
isset($_SERVER['HTTP_X_FORWARDED_FOR']) === true &&
in_array($_SERVER['HTTP_X_FORWARDED_FOR'], ['::1', '127.0.0.1']) === false
) {
return false;
}

if (
isset($_SERVER['HTTP_CLIENT_IP']) === true &&
in_array($_SERVER['HTTP_CLIENT_IP'], ['::1', '127.0.0.1']) === false
) {
return false;
}

// no reverse proxy or the real client also comes from localhost
return true;
}

return false;
}

public function notify($text) {
Expand Down

0 comments on commit 7f9ac18

Please sign in to comment.