#3872: Bug in SetRemoteAddrFromForwardedFor middleware ----------------------------------------+----------------------------------- Reporter: Simon Willison | Owner: gregorth Status: closed | Milestone: Component: Core framework | Version: SVN Resolution: fixed | Keywords: middleware Stage: Ready for checkin | Has_patch: 1 Needs_docs: 0 | Needs_tests: 0 Needs_better_patch: 0 | ----------------------------------------+----------------------------------- Comment (by JohnMoylan):
Maybe the issue is a documentation problem. I had mistakenly assumed that this middleware was for use when you have a django app sitting behind a reverse proxy. In such a settup you have to use the X-Forwarded-For last IP that is before your own reverse proxy ip as the remote-ip. If you want to try and get the original Client IP - real_ip.split(",")[0].strip() then the current code is probably a good attempt but in real world situations may not be as useful as just getting the last proxy IP address because it will be more prone to issues with proxy anonomizers or caches set up to strip X-Forwarded-For . -- Ticket URL: <http://code.djangoproject.com/ticket/3872#comment:11> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-updates?hl=en -~----------~----~----~----~------~----~------~--~---