Page MenuHomeDevCentral

D1638.id.diff
No OneTemporary

D1638.id.diff

diff --git a/src/HTTP/Requests/RemoteAddress.php b/src/HTTP/Requests/RemoteAddress.php
--- a/src/HTTP/Requests/RemoteAddress.php
+++ b/src/HTTP/Requests/RemoteAddress.php
@@ -31,15 +31,11 @@
}
public function getClientAddress () : string {
- if (strpos($this->remoteAddress, ',') === false) {
- // We only have one value, it's the IP
- return $this->remoteAddress;
- }
-
// Header contains 'clientIP, proxyIP, anotherProxyIP'
+ // or 'clientIP proxyIP anotherProxyIP'
// The first value is so the one to return.
// See draft-ietf-appsawg-http-forwarded-10.
- $ips = explode(',', $this->remoteAddress, 2);
+ $ips = preg_split("/[\s,]+/", $this->remoteAddress, 2);
return trim($ips[0]);
}
diff --git a/tests/HTTP/Requests/RequestTest.php b/tests/HTTP/Requests/RequestTest.php
--- a/tests/HTTP/Requests/RequestTest.php
+++ b/tests/HTTP/Requests/RequestTest.php
@@ -35,6 +35,26 @@
}
/**
+ * @covers \Keruald\OmniTools\HTTP\Requests\Request::getClientAddress
+ * @backupGlobals enabled
+ */
+ public function testGetRemoteAddressWithSeveralAddresses () : void {
+ $_SERVER = [
+ 'HTTP_X_FORWARDED_FOR' => '10.0.0.2 10.0.0.3',
+ ];
+ $this->assertEquals('10.0.0.2', Request::getRemoteAddress(),
+ "HTTP_X_FORWARDED_FOR could contain more than one address, the client one is the first"
+ );
+
+ $_SERVER = [
+ 'HTTP_X_FORWARDED_FOR' => '10.0.0.2, 10.0.0.3',
+ ];
+ $this->assertEquals('10.0.0.2', Request::getRemoteAddress(),
+ "HTTP_X_FORWARDED_FOR could contain more than one address, the client one is the first"
+ );
+ }
+
+ /**
* @covers \Keruald\OmniTools\HTTP\Requests\Request::getAcceptedLanguages
* @backupGlobals enabled
*/

File Metadata

Mime Type
text/plain
Expires
Tue, Jan 28, 05:20 (9 h, 30 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2381803
Default Alt Text
D1638.id.diff (1 KB)

Event Timeline