Add support for X-Forwarded-For
This commit is contained in:
parent
dcba91c0c1
commit
2015530338
|
@ -73,6 +73,13 @@ rophako:
|
||||||
# Password strength: number of iterations for bcrypt password.
|
# Password strength: number of iterations for bcrypt password.
|
||||||
bcrypt_iterations: 12
|
bcrypt_iterations: 12
|
||||||
|
|
||||||
|
# Proxy support. If you *KNOW* your web app will be behind a trusted proxy,
|
||||||
|
# such as a load balancer, you can make the app accept the X-Forwarded-For
|
||||||
|
# header to provide the user's real IP address. Do NOT set this if you are
|
||||||
|
# not behind a proxy, otherwise a malicious user could "spoof" their address
|
||||||
|
# by using this header.
|
||||||
|
use_forwarded_for: false
|
||||||
|
|
||||||
###
|
###
|
||||||
# Mail Settings
|
# Mail Settings
|
||||||
###
|
###
|
||||||
|
|
|
@ -286,10 +286,10 @@ def include(endpoint, *args, **kwargs):
|
||||||
|
|
||||||
|
|
||||||
def remote_addr():
|
def remote_addr():
|
||||||
"""Retrieve the end user's remote IP address."""
|
"""Retrieve the end user's remote IP address. If the site is configured
|
||||||
|
to honor X-Forwarded-For and this header is present, it's returned."""
|
||||||
# TODO: eventually support configurations with X-Forwarded-For, but for
|
if Config.security.use_forwarded_for:
|
||||||
# now at least we're centralizing this in one spot.
|
return request.access_route[0]
|
||||||
return request.remote_addr
|
return request.remote_addr
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user