Fix IPv6 remote addresses from X_FORWARDED_FOR headers before validating
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
parent
8054bc921e
commit
a471dba6e1
|
@ -653,6 +653,12 @@ class Request implements \ArrayAccess, \Countable, IRequest {
|
||||||
if (isset($this->server[$header])) {
|
if (isset($this->server[$header])) {
|
||||||
foreach (explode(',', $this->server[$header]) as $IP) {
|
foreach (explode(',', $this->server[$header]) as $IP) {
|
||||||
$IP = trim($IP);
|
$IP = trim($IP);
|
||||||
|
|
||||||
|
// remove brackets from IPv6 addresses
|
||||||
|
if (strpos($IP, '[') === 0 && substr($IP, -1) === ']') {
|
||||||
|
$IP = substr($IP, 1, -1);
|
||||||
|
}
|
||||||
|
|
||||||
if (filter_var($IP, FILTER_VALIDATE_IP) !== false) {
|
if (filter_var($IP, FILTER_VALIDATE_IP) !== false) {
|
||||||
return $IP;
|
return $IP;
|
||||||
}
|
}
|
||||||
|
|
|
@ -632,6 +632,34 @@ class RequestTest extends \Test\TestCase {
|
||||||
$this->assertSame('192.168.3.99', $request->getRemoteAddress());
|
$this->assertSame('192.168.3.99', $request->getRemoteAddress());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testGetRemoteAddressWithXForwardedForIPv6() {
|
||||||
|
$this->config
|
||||||
|
->expects($this->at(0))
|
||||||
|
->method('getSystemValue')
|
||||||
|
->with('trusted_proxies')
|
||||||
|
->willReturn(['192.168.2.0/24']);
|
||||||
|
$this->config
|
||||||
|
->expects($this->at(1))
|
||||||
|
->method('getSystemValue')
|
||||||
|
->with('forwarded_for_headers')
|
||||||
|
->willReturn(['HTTP_X_FORWARDED_FOR']);
|
||||||
|
|
||||||
|
$request = new Request(
|
||||||
|
[
|
||||||
|
'server' => [
|
||||||
|
'REMOTE_ADDR' => '192.168.2.99',
|
||||||
|
'HTTP_X_FORWARDED_FOR' => '[2001:db8:85a3:8d3:1319:8a2e:370:7348]',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
$this->secureRandom,
|
||||||
|
$this->config,
|
||||||
|
$this->csrfTokenManager,
|
||||||
|
$this->stream
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->assertSame('2001:db8:85a3:8d3:1319:8a2e:370:7348', $request->getRemoteAddress());
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
|
|
Loading…
Reference in New Issue