Permalink
Browse files

[#25161833] Clean up IP address parsing

If there's more than one proxy standing between the client
and Koha's web server, the HTTP_X_FORWARDED_FOR header may
contain more than one IP address. C4::Branch::GetBranchByIp
was not prepared for this condition, and it would cause an
exception.
  • Loading branch information...
1 parent 7ca6a2e commit 1a145443901c01744d90ffc360b7ff3438d58dde @ctfliblime ctfliblime committed Feb 18, 2012
Showing with 6 additions and 7 deletions.
  1. +1 −4 lib/C4/Auth.pm
  2. +5 −3 lib/C4/Branch.pm
View
@@ -1592,10 +1592,7 @@ sub getborrowernumber {
sub IsIpInLibrary {
my $params = shift;
- my $client_ip = $params->{ip}
- // $ENV{HTTP_X_FORWARDED_FOR}
- // $ENV{REMOTE_ADDR};
- return (C4::Branch::GetBranchByIp($client_ip) eq $params->{branchcode}) ? 1 : 0;
+ return (C4::Branch::GetBranchByIp($params->{ip}) eq $params->{branchcode}) ? 1 : 0;
}
sub _uniq {
View
@@ -608,10 +608,12 @@ sub GetBranchCodeFromName {
# Returns the branches.branchcode for the first match or undef if no match.
sub GetBranchByIp {
- my $client_ip = Net::IP->new(shift
+ my $raw = shift
// $ENV{HTTP_X_FORWARDED_FOR}
- // $ENV{REMOTE_ADDR});
-
+ // $ENV{REMOTE_ADDR};
+ $raw =~ s/([0-9.]+).*/$1/;
+ my $client_ip = Net::IP->new($raw);
+
for my $branch (values %{GetBranches()}) {
next unless $branch->{branchip};
my $raw = $branch->{branchip};

0 comments on commit 1a14544

Please sign in to comment.