diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

getClientIp() will now only return valid IP addresses, rather than assuming the X_FORWARDED_FOR is the first comma seperated value.

Browse Source
This commit is contained in:
Neil Ferreira 2012-05-31 16:52:46 +08:00
parent 78747e6cc5
commit 7b5328f1c7
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/Symfony/Component/HttpFoundation/Request.php
View File

@ -546,9 +546,16 @@ class Request
if ($this->server->has('HTTP_CLIENT_IP')) {
return $this->server->get('HTTP_CLIENT_IP');
} elseif ($this->server->has('HTTP_X_FORWARDED_FOR')) {
$clientIp = explode(',', $this->server->get('HTTP_X_FORWARDED_FOR'), 2);
$clientIp = explode(',', $this->server->get('HTTP_X_FORWARDED_FOR'));
return isset($clientIp[0]) ? trim($clientIp[0]) : '';
foreach ($clientIp as $ipAddress) {
$cleanIpAddress = trim($ipAddress);
if (false !== filter_var($cleanIpAddress, FILTER_VALIDATE_IP)) {
return $cleanIpAddress;
}
}
return '';
}
}