Inmartti wrote: Thu Nov 15, 2018 9:15 pm It is the port number. The extension is expecting a list of comma separated ip's, without port numbers. TheX-Forwarded-For
header isn't standardized and some reverse proxies add ports as it seems. I will change the extension to strip of the port.
event/listener.php
Code: Select all
$forwarded_for = trim($this->request->header('X-Forwarded-For'));
$forwarded_for = str_replace(' ', '', $forwarded_for);
$forwarded_for = explode(',', $forwarded_for);
$forwarded_for = trim($forwarded_for[count($forwarded_for) - 1]);
if (!filter_var($forwarded_for, FILTER_VALIDATE_IP))
{
throw new \Exception('Trust X-Forwarded-For Extension: invalid X-Forwarded-For: ' . $forwarded_for);
}
if
-statement)Code: Select all
$forwarded_for = trim($this->request->header('X-Forwarded-For'));
$forwarded_for = str_replace(' ', '', $forwarded_for);
$forwarded_for = explode(',', $forwarded_for);
$forwarded_for = trim($forwarded_for[count($forwarded_for) - 1]);
[$forwarded_for] = explode(':', $forwarded_for);
if (!filter_var($forwarded_for, FILTER_VALIDATE_IP))
{
throw new \Exception('Trust X-Forwarded-For Extension: invalid X-Forwarded-For: ' . $forwarded_for);
}