Browse Source

Add support for X-Forwarded-For

pull/2/head
Noah Petherbridge 5 years ago
parent
commit
2015530338
2 changed files with 11 additions and 4 deletions
  1. +7
    -0
      defaults.yml
  2. +4
    -4
      rophako/utils.py

+ 7
- 0
defaults.yml View File

@@ -73,6 +73,13 @@ rophako:
# Password strength: number of iterations for bcrypt password.
bcrypt_iterations: 12

# Proxy support. If you *KNOW* your web app will be behind a trusted proxy,
# such as a load balancer, you can make the app accept the X-Forwarded-For
# header to provide the user's real IP address. Do NOT set this if you are
# not behind a proxy, otherwise a malicious user could "spoof" their address
# by using this header.
use_forwarded_for: false

###
# Mail Settings
###


+ 4
- 4
rophako/utils.py View File

@@ -286,10 +286,10 @@ def include(endpoint, *args, **kwargs):


def remote_addr():
"""Retrieve the end user's remote IP address."""
# TODO: eventually support configurations with X-Forwarded-For, but for
# now at least we're centralizing this in one spot.
"""Retrieve the end user's remote IP address. If the site is configured
to honor X-Forwarded-For and this header is present, it's returned."""
if Config.security.use_forwarded_for:
return request.access_route[0]
return request.remote_addr




Loading…
Cancel
Save