dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
3e37ebb
)
*Document some older functions
author
Aaron Schulz
<aaron@users.mediawiki.org>
Mon, 23 Apr 2007 18:06:37 +0000
(18:06 +0000)
committer
Aaron Schulz
<aaron@users.mediawiki.org>
Mon, 23 Apr 2007 18:06:37 +0000
(18:06 +0000)
includes/ProxyTools.php
patch
|
blob
|
history
diff --git
a/includes/ProxyTools.php
b/includes/ProxyTools.php
index
aaf2ee1
..
ad5b22c
100644
(file)
--- a/
includes/ProxyTools.php
+++ b/
includes/ProxyTools.php
@@
-3,6
+3,12
@@
* Functions for dealing with proxies
*/
* Functions for dealing with proxies
*/
+/**
+ * Extracts the XFF string from the request header
+ * Checks first for "X-Forwarded-For", then "Client-ip"
+ * Note: headers are spoofable
+ * @return string
+ */
function wfGetForwardedFor() {
if( function_exists( 'apache_request_headers' ) ) {
// More reliable than $_SERVER due to case and -/_ folding
function wfGetForwardedFor() {
if( function_exists( 'apache_request_headers' ) ) {
// More reliable than $_SERVER due to case and -/_ folding
@@
-44,6
+50,11
@@
function wfGetClientIPfromXFF( $xff ) {
return null;
}
return null;
}
+/**
+ * Returns the browser/OS data from the request header
+ * Note: headers are spoofable
+ * @return string
+ */
function wfGetAgent() {
if( function_exists( 'apache_request_headers' ) ) {
// More reliable than $_SERVER due to case and -/_ folding
function wfGetAgent() {
if( function_exists( 'apache_request_headers' ) ) {
// More reliable than $_SERVER due to case and -/_ folding
@@
-61,7
+72,11
@@
function wfGetAgent() {
}
}
}
}
-/** Work out the IP address based on various globals */
+/**
+ * Work out the IP address based on various globals
+ * For trusted proxies, use the XFF client IP (first of the chain)
+ * @return string
+ */
function wfGetIP() {
global $wgIP;
function wfGetIP() {
global $wgIP;
@@
-106,6
+121,13
@@
function wfGetIP() {
return $ip;
}
return $ip;
}
+/**
+ * Checks if an IP is a trusted proxy providor
+ * Useful to tell if X-Fowarded-For data is possibly bogus
+ * Squid cache servers for the site and AOL are whitelisted
+ * @param string $ip
+ * @return bool
+ */
function wfIsTrustedProxy( $ip ) {
global $wgSquidServers, $wgSquidServersNoPurge;
function wfIsTrustedProxy( $ip ) {
global $wgSquidServers, $wgSquidServersNoPurge;
@@
-170,6
+192,7
@@
function wfProxyCheck() {
/**
* Convert a network specification in CIDR notation to an integer network and a number of bits
/**
* Convert a network specification in CIDR notation to an integer network and a number of bits
+ * @return array(string, int)
*/
function wfParseCIDR( $range ) {
return IP::parseCIDR( $range );
*/
function wfParseCIDR( $range ) {
return IP::parseCIDR( $range );
@@
-177,6
+200,7
@@
function wfParseCIDR( $range ) {
/**
* Check if an IP address is in the local proxy list
/**
* Check if an IP address is in the local proxy list
+ * @return bool
*/
function wfIsLocallyBlockedProxy( $ip ) {
global $wgProxyList;
*/
function wfIsLocallyBlockedProxy( $ip ) {
global $wgProxyList;
@@
-209,6
+233,7
@@
function wfIsLocallyBlockedProxy( $ip ) {
/**
* TODO: move this list to the database in a global IP info table incorporating
* trusted ISP proxies, blocked IP addresses and open proxies.
/**
* TODO: move this list to the database in a global IP info table incorporating
* trusted ISP proxies, blocked IP addresses and open proxies.
+ * @return bool
*/
function wfIsAOLProxy( $ip ) {
$ranges = array(
*/
function wfIsAOLProxy( $ip ) {
$ranges = array(