https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39789
--- Comment #27 from Tristin Stagg <[email protected]> --- Created attachment 183215 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=183215&action=edit Bug 39789: Add new "require_trusted_proxy_for_headers" 1) call will check the remote address against the list of trusted proxies first, if configured to do so, right off the bat. This allows us to not have to do this if we do not want to. Particularly useful if i were to tell an Koha server that it could only receive web requests from Cloudflare, or even if i was able to do that at the reverse proxy level. It's configurable so it can be disabled/enabled. a) If trusted, then it parses the header that was determined (from configuration or default X-Forwarded-For) b) Otherwise, it will fall back to the remote address 2) If not configured to check remote address against a trusted proxy, it will just parse the header that was determined. a) If it does not find a value, it will simply return the remote address. 3) "get_real_ip" no longer checks against trusted proxies, as that is done beforehand. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
