define( 'RE_IPV6_GAP', ':(?:0+:)*(?::(?:0+:)*)?' );
define( 'RE_IPV6_V4_PREFIX', '0*' . RE_IPV6_GAP . '(?:ffff:)?' );
-// This might be useful for regexps used elsewhere, matches any IPv6 or IPv6 address or network
+// This might be useful for regexps used elsewhere, matches any IPv4 or IPv6 address or network
define( 'IP_ADDRESS_STRING',
'(?:' .
RE_IP_ADD . '(?:\/' . RE_IP_PREFIX . ')?' . // IPv4
/**
* Determine if a string is as valid IP address or network (CIDR prefix).
* SIIT IPv4-translated addresses are rejected.
- * Note: canonicalize() tries to convert translated addresses to IPv4.
+ * @note canonicalize() tries to convert translated addresses to IPv4.
*
* @param string $ip Possible IP address
* @return bool
/**
* Given a string, determine if it as valid IP in IPv6 only.
- * Note: Unlike isValid(), this looks for networks too.
+ * @note Unlike isValid(), this looks for networks too.
*
* @param string $ip Possible IP address
* @return bool
/**
* Given a string, determine if it as valid IP in IPv4 only.
- * Note: Unlike isValid(), this looks for networks too.
+ * @note Unlike isValid(), this looks for networks too.
*
* @param string $ip Possible IP address
* @return bool
/**
* Validate an IP address. Ranges are NOT considered valid.
* SIIT IPv4-translated addresses are rejected.
- * Note: canonicalize() tries to convert translated addresses to IPv4.
+ * @note canonicalize() tries to convert translated addresses to IPv4.
*
* @param string $ip
* @return bool True if it is valid
/**
* Validate an IP Block (valid address WITH a valid prefix).
* SIIT IPv4-translated addresses are rejected.
- * Note: canonicalize() tries to convert translated addresses to IPv4.
+ * @note canonicalize() tries to convert translated addresses to IPv4.
*
* @param string $ipblock
* @return bool True if it is valid
* @param string $addr The address to check against the given range.
* @param string $range The range to check the given address against.
* @return bool Whether or not the given address is in the given range.
+ *
+ * @note This can return unexpected results for invalid arguments!
+ * Make sure you pass a valid IP address and IP range.
*/
public static function isInRange( $addr, $range ) {
$hexIP = self::toHex( $addr );
return "$start/$bits";
}
- /**
- * Checks if an IP is a trusted proxy provider.
- * Useful to tell if X-Forwarded-For data is possibly bogus.
- * CDN cache servers for the site are whitelisted.
- * @since 1.24
- *
- * @param string $ip
- * @return bool
- */
- public static function isTrustedProxy( $ip ) {
- $trusted = self::isConfiguredProxy( $ip );
- Hooks::run( 'IsTrustedProxy', [ &$ip, &$trusted ] );
- return $trusted;
- }
-
- /**
- * Checks if an IP matches a proxy we've configured
- * @since 1.24
- *
- * @param string $ip
- * @return bool
- */
- public static function isConfiguredProxy( $ip ) {
- global $wgSquidServers, $wgSquidServersNoPurge;
-
- // Quick check of known singular proxy servers
- $trusted = in_array( $ip, $wgSquidServers );
-
- // Check against addresses and CIDR nets in the NoPurge list
- if ( !$trusted ) {
- if ( !self::$proxyIpSet ) {
- self::$proxyIpSet = new IPSet( $wgSquidServersNoPurge );
- }
- $trusted = self::$proxyIpSet->match( $ip );
- }
-
- return $trusted;
- }
-
- /**
- * Clears precomputed data used for proxy support.
- * Use this only for unit tests.
- */
- public static function clearCaches() {
- self::$proxyIpSet = null;
- }
-
/**
* Returns the subnet of a given IP
*