]> git.mxchange.org Git - friendica.git/blobdiff - src/App/Request.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #12311 from matthiasmoritz/event-details-do-not-render-correctly...
[friendica.git] / src / App / Request.php
diff --git a/src/App/Request.php b/src/App/Request.php
index c211dfe0e100cbf75d8c1c8f332cff7c29b98ab2..71b6a9ea3f088f4d160c76ccde3253a69979ff08 100644 (file)
--- a/src/App/Request.php
+++ b/src/App/Request.php
@@ -32,14 +32,20 @@ use Friendica\Core\Config\Capability\IManageConfigValues;
  */
 class Request
 {
-       /** @var string the default possible headers, which could contain the client IP */
-       const ORDERED_FORWARD_FOR_HEADER = 'HTTP_X_FORWARDED_FOR';
+       /**
+        * A comma separated list of default headers that could contain the client IP in a proxy request
+        *
+        * @var string
+        */
+       const DEFAULT_FORWARD_FOR_HEADER = 'HTTP_X_FORWARDED_FOR';
 
        /** @var string The remote IP address of the current request */
        protected $remoteAddress;
 
        /**
         * @return string The remote IP address of the current request
+        *
+        * Do always use this instead of $_SERVER['REMOTE_ADDR']
         */
        public function getRemoteAddress(): string
        {
@@ -58,6 +64,10 @@ class Request
         * Otherwise, $remoteAddress will be compared to $trustedProxy literally and the result
         * will be returned.
         *
+        * @param string $trustedProxy  The current, trusted proxy to check
+        * @param string $remoteAddress The current remote IP address
+        *
+        *
         * @return boolean true if $remoteAddress matches $trustedProxy, false otherwise
         */
        protected function matchesTrustedProxy(string $trustedProxy, string $remoteAddress): bool
@@ -80,6 +90,9 @@ class Request
         * Checks if given $remoteAddress matches any entry in the given array $trustedProxies.
         * For details regarding what "match" means, refer to `matchesTrustedProxy`.
         *
+        * @param string[] $trustedProxies A list of the trusted proxies
+        * @param string   $remoteAddress  The current remote IP address
+        *
         * @return boolean true if $remoteAddress matches any entry in $trustedProxies, false otherwise
         */
        protected function isTrustedProxy(array $trustedProxies, string $remoteAddress): bool
@@ -94,8 +107,12 @@ class Request
        }
 
        /**
+        * Determines the remote address, if the connection came from a trusted proxy
+        * and `forwarded_for_headers` has been configured then the IP address
+        * specified in this header will be returned instead.
+        *
         * @param IManageConfigValues $config
-        * @param array               $server
+        * @param array               $server The $_SERVER array
         *
         * @return string
         */
@@ -105,7 +122,7 @@ class Request
                $trustedProxies = preg_split('/(\s*,*\s*)*,+(\s*,*\s*)*/', $config->get('proxy', 'trusted_proxies', ''));
 
                if (\is_array($trustedProxies) && $this->isTrustedProxy($trustedProxies, $remoteAddress)) {
-                       $forwardedForHeaders = preg_split('/(\s*,*\s*)*,+(\s*,*\s*)*/', $config->get('proxy', 'forwarded_for_headers')) ?? static::ORDERED_FORWARD_FOR_HEADER;
+                       $forwardedForHeaders = preg_split('/(\s*,*\s*)*,+(\s*,*\s*)*/', $config->get('proxy', 'forwarded_for_headers', static::DEFAULT_FORWARD_FOR_HEADER));
 
                        foreach ($forwardedForHeaders as $header) {
                                if (isset($server[$header])) {
Unnamed repository; edit this file 'description' to name the repository.