Mirror
/
RoundcubeMail
mirror of https://github.com/roundcube/roundcubemail.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Fix matching multiple X-Forwarded-For addresses with 'proxy_whitelist' (#7107)

pull/7135/head
Aleksander Machniak 6 years ago
parent
df7b76b023
commit
0b45c3c6b0
2 changed files with 2 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      CHANGELOG
  2. 1
      program/lib/Roundcube/rcube_utils.php

1
CHANGELOG
View File

@ -21,6 +21,7 @@ CHANGELOG Roundcube Webmail
- Fix/remove useless keyup event handler on username input in logon form (#6970)
- Fix bug where cancelling switching from HTML to plain text didn't set the flag properly (#7077)
- Fix bug where HTML reply could add an empty line with extra indentation above the original message (#7088)
- Fix matching multiple X-Forwarded-For addresses with 'proxy_whitelist' (#7107)
RELEASE 1.4.1
-------------

1
program/lib/Roundcube/rcube_utils.php
View File

@ -687,6 +687,7 @@ class rcube_utils
if (in_array($_SERVER['REMOTE_ADDR'], $proxy_whitelist)) {
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
foreach (array_reverse(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])) as $forwarded_ip) {
$forwarded_ip = trim($forwarded_ip);
if (!in_array($forwarded_ip, $proxy_whitelist)) {
return $forwarded_ip;
}

Write Preview
Loading…
Cancel
Save