author | Andrey Andreev <narf@bofh.bg> | 2012-10-06 14:24:53 +0200 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2012-10-06 14:24:53 +0200 |
commit | b0fe0a9a6813e8d3ebca94c5fa86ab6f36f3390d (patch) | |
tree | f360cf08e3b307e6e03b95dfc4ab365a3e5ffd0b | |
parent | 7ad72975fa3cda4bf8797f788ba7445bdb4ae67a (diff) |
Fix issues #227 and #907
-rwxr-xr-x | system/core/Input.php | 63 | ||||
-rw-r--r-- | user_guide/changelog.html | 8 |
2 files changed, 36 insertions, 35 deletions
diff --git a/system/core/Input.php b/system/core/Input.php index 3559d8607..66e02ba00 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -73,13 +73,13 @@ class CI_Input { */ protected $headers = array(); - /** * Constructor * * Sets whether to globally enable the XSS processing * and whether to allow the $_GET array * + * @return void */ public function __construct() { 
@@ -306,50 +306,49 @@ class CI_Input { /** * Fetch the IP Address * - * @access public * @return string */ - function ip_address() + public function ip_address() { if ($this->ip_address !== FALSE) { return $this->ip_address; } - if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) + $proxy_ips = config_item('proxy_ips'); + if ( ! empty($proxy_ips)) { - $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); - $proxies = is_array($proxies) ? $proxies : array($proxies); + $proxy_ips = explode(',', str_replace(' ', '', $proxy_ips)); + foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'HTTP_X_CLIENT_IP', 'HTTP_X_CLUSTER_CLIENT_IP') as $header) + { + if (($spoof = $this->server($header)) !== FALSE) + { + // Some proxies typically list the whole chain of IP + // addresses through which the client has reached us. + // e.g. client_ip, proxy_ip1, proxy_ip2, etc. + if (strpos($spoof, ',') !== FALSE) + { + $spoof = explode(',', $spoof, 2); + $spoof = $spoof[0]; + } - $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; - } - elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) - { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; - } - elseif ($this->server('REMOTE_ADDR')) - { - $this->ip_address = $_SERVER['REMOTE_ADDR']; - } - elseif ($this->server('HTTP_CLIENT_IP')) - { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; - } - elseif ($this->server('HTTP_X_FORWARDED_FOR')) - { - $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; - } + if ( ! $this->valid_ip($spoof)) + { + $spoof = NULL; + } + else + { + break; + } + } + } - if ($this->ip_address === FALSE) - { - $this->ip_address = '0.0.0.0'; - return $this->ip_address; + $this->ip_address = ($spoof !== NULL && in_array($_SERVER['REMOTE_ADDR'], $proxy_ips, TRUE)) + ? 
$spoof : $_SERVER['REMOTE_ADDR']; } - - if (strpos($this->ip_address, ',') !== FALSE) + else { - $x = explode(',', $this->ip_address); - $this->ip_address = trim(end($x)); + $this->ip_address = $_SERVER['REMOTE_ADDR']; } if ( ! $this->valid_ip($this->ip_address)) diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 9c36eabff..d31839913 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -28,7 +28,7 @@ <div id="masthead"> <table cellpadding="0" cellspacing="0" border="0" style="width:100%"> <tr> -<td><h1>CodeIgniter User Guide Version 2.1.2</h1></td> +<td><h1>CodeIgniter User Guide Version 2.1.3</h1></td> <td id="breadcrumb_right"><a href="./toc.html">Table of Contents Page</a></td> </tr> </table> 
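Review bot: The chain handling at `$spoof = explode(',', $spoof, 2); $spoof = $spoof[0];` keeps the leftmost forwarded address, which is the one supplied by whoever originated the request, whereas the removed `trim(end($x))` used the entry appended by the proxy; once REMOTE_ADDR is listed in `proxy_ips` the reported address is therefore still under the sender's control, which defeats the allow-list this change relies on. Since each hop appends the address it received the request from, the entry to trust is found by walking the chain from the right past every address that is itself in `$proxy_ips`, as in the rewrite below (which also trims the entries, as the old code did). A second problem is that the assignment inside `if (($spoof = $this->server($header)) !== FALSE)` leaves `$spoof === FALSE` whenever the last header in the list is absent, and FALSE passes the `$spoof !== NULL` test further down, so a request from a configured proxy that carries no forwarding header at all is stored as FALSE and lands in the validity check instead of taking `$_SERVER['REMOTE_ADDR']`; the rewrite reads the header into a separate variable and starts from `$spoof = NULL`. The unguarded `$_SERVER['REMOTE_ADDR']` reads also drop the `$this->server('REMOTE_ADDR')` check the removed branches had, so a CLI invocation now raises a notice before reaching the validity check. ip_address() continues past the end of the hunk.

```php
			$proxy_ips = explode(',', str_replace(' ', '', $proxy_ips));
			$spoof = NULL;
			foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'HTTP_X_CLIENT_IP', 'HTTP_X_CLUSTER_CLIENT_IP') as $header)
			{
				if (($forwarded = $this->server($header)) === FALSE)
				{
					continue;
				}

				// Proxies usually forward the whole chain the request passed through
				// (client, proxy1, proxy2, ...), each hop appending the address it
				// received the request from. Only entries appended by our own trusted
				// proxies can be believed, so walk the chain from the right and stop
				// at the first address that is not itself in $proxy_ips.
				$chain = array_map('trim', explode(',', $forwarded));
				$spoof = array_pop($chain);
				while (count($chain) > 0 && in_array($spoof, $proxy_ips, TRUE))
				{
					$spoof = array_pop($chain);
				}

				if ($this->valid_ip($spoof))
				{
					break;
				}

				$spoof = NULL;
			}

			// … unchanged: $this->ip_address = ($spoof !== NULL && in_array($_SERVER['REMOTE_ADDR'], $proxy_ips, TRUE)) ? $spoof : $_SERVER['REMOTE_ADDR']; …
```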
@@ -63,9 +63,11 @@ Change Log <h3>Bug fixes for 2.1.3:</h3> <ul> <li>Fixed a bug (#1543) - <a href="libraries/caching.html#file">File-based Caching</a> method <samp>get_metadata()</samp> used a non-existent array key to look for the TTL value.</li> - <li>Fixed a bug (#1314) - <a href="libraries/session.html">Session Library</a> method <samp>sess_destroy()</samp> didn't destroy the userdata array. + <li>Fixed a bug (#1314) - <a href="libraries/session.html">Session Library</a> method <samp>sess_destroy()</samp> didn't destroy the userdata array.</li> <li>Fixed a bug where the <a href="libraries/profiler.html">Profiler Library</a> issued an E_WARNING error if <a href="libraries/session.html">Session</a> userdata contains objects.</li> - <li>Fixed a bug (#1699) - <a href="libraries/migration.html">Migration Library</a> ignored the <samp>$config['migration_path']</samp> setting. + <li>Fixed a bug (#1699) - <a href="libraries/migration.html">Migration Library</a> ignored the <samp>$config['migration_path']</samp> setting.</li> + <li>Fixed a bug (#227) - <a href="libraries/input.html">Input Library</a> allowed unconditional spoofing of HTTP clients' IP addresses through the HTTP_CLIENT_IP header.</li> + <li>Fixed a bug (#907) - <a href="libraries/input.html">Input Library</a> ignored HTTP_X_CLUSTER_CLIENT_IP and HTTP_X_CLIENT_IP headers when checking for proxies.</li> </ul> <h2>Version 2.1.2</h2> |