Umherirrender has uploaded a new change for review. https://gerrit.wikimedia.org/r/109721
Change subject: Ignore 'unknown' in XFF ...................................................................... Ignore 'unknown' in XFF Can come from Squid http://www.squid-cache.org/Doc/config/forwarded_for/ Bug: 57467 Change-Id: I3fd3170d31a1aff2e748302c30dd6e364ed3bdcd --- M includes/WebRequest.php 1 file changed, 4 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/21/109721/1 diff --git a/includes/WebRequest.php b/includes/WebRequest.php index b42564c..a52894d 100644 --- a/includes/WebRequest.php +++ b/includes/WebRequest.php @@ -1128,6 +1128,10 @@ # unless the address is not sensible (e.g. private). However, prefer private # IP addresses over proxy servers controlled by this site (more sensible). foreach ( $ipchain as $i => $curIP ) { + // ignore 'unknown' value from Squid when 'forwarded_for off' and try next + if ( $curIP === 'unknown' ) { + continue; + } $curIP = IP::sanitizeIP( IP::canonicalize( $curIP ) ); if ( wfIsTrustedProxy( $curIP ) && isset( $ipchain[$i + 1] ) ) { if ( wfIsConfiguredProxy( $curIP ) || // bug 48919; treat IP as sane -- To view, visit https://gerrit.wikimedia.org/r/109721 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I3fd3170d31a1aff2e748302c30dd6e364ed3bdcd Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Umherirrender <umherirrender_de...@web.de> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
