banananetwork
/
roundcubemail
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix matching multiple X-Forwarded-For addresses with 'proxy_whitelist' (#7107)

Browse Source
pull/7135/head
Aleksander Machniak 5 years ago
parent df7b76b023
commit 0b45c3c6b0
2 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
CHANGELOG
Unescape Escape View File

@ -21,6 +21,7 @@ CHANGELOG Roundcube Webmail
- Fix/remove useless keyup event handler on username input in logon form (#6970) - Fix/remove useless keyup event handler on username input in logon form (#6970)
- Fix bug where cancelling switching from HTML to plain text didn't set the flag properly (#7077) - Fix bug where cancelling switching from HTML to plain text didn't set the flag properly (#7077)
- Fix bug where HTML reply could add an empty line with extra indentation above the original message (#7088) - Fix bug where HTML reply could add an empty line with extra indentation above the original message (#7088)
- Fix matching multiple X-Forwarded-For addresses with 'proxy_whitelist' (#7107)
RELEASE 1.4.1 RELEASE 1.4.1
------------- -------------

1
program/lib/Roundcube/rcube_utils.php
Unescape Escape View File

@ -687,6 +687,7 @@ class rcube_utils
if (in_array($_SERVER['REMOTE_ADDR'], $proxy_whitelist)) { if (in_array($_SERVER['REMOTE_ADDR'], $proxy_whitelist)) {
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
foreach (array_reverse(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])) as $forwarded_ip) { foreach (array_reverse(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])) as $forwarded_ip) {
$forwarded_ip = trim($forwarded_ip);
if (!in_array($forwarded_ip, $proxy_whitelist)) { if (!in_array($forwarded_ip, $proxy_whitelist)) {
return $forwarded_ip; return $forwarded_ip;
} }

Write Preview
Loading…
Cancel
Save