Aaron Schulz has uploaded a new change for review. https://gerrit.wikimedia.org/r/84866
Change subject: Do not use invalid IPs from XFFs to avoid exceptions ...................................................................... Do not use invalid IPs from XFFs to avoid exceptions Change-Id: Ib81e06527c2f7a8d9c288b56c0f46610a4517f74 --- M includes/WebRequest.php 1 file changed, 7 insertions(+), 4 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/66/84866/1 diff --git a/includes/WebRequest.php b/includes/WebRequest.php index 23eee04..c8fc8d1 100644 --- a/includes/WebRequest.php +++ b/includes/WebRequest.php @@ -1144,10 +1144,13 @@ foreach ( $ipchain as $i => $curIP ) { $curIP = IP::sanitizeIP( IP::canonicalize( $curIP ) ); if ( wfIsTrustedProxy( $curIP ) && isset( $ipchain[$i + 1] ) ) { - if ( wfIsConfiguredProxy( $curIP ) || // bug 48919 - ( IP::isPublic( $ipchain[$i + 1] ) || $wgUsePrivateIPs ) - ) { - $ip = IP::canonicalize( $ipchain[$i + 1] ); + $nextIP = IP::canonicalize( $ipchain[$i + 1] ); + if ( $nextIP && ( + wfIsConfiguredProxy( $curIP ) || // bug 48919; treat IP as sane + IP::isPublic( $ipchain[$i + 1] ) || + $wgUsePrivateIPs + ) ) { + $ip = $nextIP; continue; } } -- To view, visit https://gerrit.wikimedia.org/r/84866 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ib81e06527c2f7a8d9c288b56c0f46610a4517f74 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Aaron Schulz <asch...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits