Changeset - 8046d1979674
Marcin Kuzminski - 13 years ago 2013-01-08 20:42:48
marcin@python-works.com
fix multiple IP addresses in X_FORWARDED_FOR header
1 file changed with 8 insertions and 3 deletions:
rhodecode/lib/base.py
 
@@ -16,55 +16,60 @@ from pylons.controllers.util import redi
 
from pylons.templating import render_mako as render
 

	
 
from rhodecode import __version__, BACKENDS
 

	
 
from rhodecode.lib.utils2 import str2bool, safe_unicode, AttributeDict,\
 
    safe_str, safe_int
 
from rhodecode.lib.auth import AuthUser, get_container_username, authfunc,\
 
    HasPermissionAnyMiddleware, CookieStoreWrapper
 
from rhodecode.lib.utils import get_repo_slug, invalidate_cache
 
from rhodecode.model import meta
 

	
 
from rhodecode.model.db import Repository, RhodeCodeUi, User, RhodeCodeSetting
 
from rhodecode.model.notification import NotificationModel
 
from rhodecode.model.scm import ScmModel
 
from rhodecode.model.meta import Session
 

	
 
log = logging.getLogger(__name__)
 

	
 

	
 
def _get_ip_addr(environ):
 
    proxy_key = 'HTTP_X_REAL_IP'
 
    proxy_key2 = 'HTTP_X_FORWARDED_FOR'
 
    def_key = 'REMOTE_ADDR'
 

	
 
    ip = environ.get(proxy_key2)
 
    ip = environ.get(proxy_key)
 
    if ip:
 
        return ip
 

	
 
    ip = environ.get(proxy_key)
 

	
 
    ip = environ.get(proxy_key2)
 
    if ip:
 
        # HTTP_X_FORWARDED_FOR can have mutliple ips inside
 
        # the left-most being the original client, and each successive proxy 
 
        # that passed the request adding the IP address where it received the 
 
        # request from.
 
        if ',' in ip:
 
            ip = ip.split(',')[0].strip()
 
        return ip
 

	
 
    ip = environ.get(def_key, '0.0.0.0')
 
    return ip
 

	
 

	
 
def _get_access_path(environ):
 
    path = environ.get('PATH_INFO')
 
    org_req = environ.get('pylons.original_request')
 
    if org_req:
 
        path = org_req.environ.get('PATH_INFO')
 
    return path
 

	
 

	
 
class BasicAuth(AuthBasicAuthenticator):
 

	
 
    def __init__(self, realm, authfunc, auth_http_code=None):
 
        self.realm = realm
 
        self.authfunc = authfunc
 
        self._rc_auth_http_code = auth_http_code
 

	
 
    def build_authentication(self):
 
        head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
 
        if self._rc_auth_http_code and self._rc_auth_http_code == '403':
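Review bot: In `_get_ip_addr`, both `HTTP_X_REAL_IP` and the left-most `HTTP_X_FORWARDED_FOR` entry are accepted as the client address without checking that the request arrived through a proxy the deployment trusts, so the returned value is whatever the sender put in those headers whenever the application is reachable directly or the proxy appends instead of overwriting. If this value feeds audit logs or any IP-based restriction (not visible in this hunk), it should be honoured only when `REMOTE_ADDR` belongs to a configured proxy, and fall back to `REMOTE_ADDR` otherwise. The result is also never checked to be a well-formed address, so an arbitrary string can reach whatever consumes it. At minimum I would add a comment above the header lookups such as `# NOTE: X-Real-IP / X-Forwarded-For are client-controlled unless a trusted proxy sets them; do not use for access decisions`. The typo `mutliple` in the new comment should read `multiple`.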