50d1791838
* Add a new settings (which needs to be manually set): `security.trusted_proxies` * On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers. * If found, the client address is added in ipbans, else we do nothing. Fixes #409
58 lines
1.6 KiB
PHP
58 lines
1.6 KiB
PHP
<?php
|
|
|
|
require_once 'application/HttpUtils.php';
|
|
|
|
/**
|
|
* Unitary tests for getIpAddressFromProxy()
|
|
*/
|
|
class GetIpAdressFromProxyTest extends PHPUnit_Framework_TestCase {
|
|
|
|
/**
|
|
* Test without proxy
|
|
*/
|
|
public function testWithoutProxy()
|
|
{
|
|
$this->assertFalse(getIpAddressFromProxy(array(), array()));
|
|
}
|
|
|
|
/**
|
|
* Test with a single IP in proxy header.
|
|
*/
|
|
public function testWithOneForwardedIp()
|
|
{
|
|
$ip = '1.1.1.1';
|
|
$server = array('HTTP_X_FORWARDED_FOR' => $ip);
|
|
$this->assertEquals($ip, getIpAddressFromProxy($server, array()));
|
|
}
|
|
|
|
/**
|
|
* Test with a multiple IPs in proxy header.
|
|
*/
|
|
public function testWithMultipleForwardedIp()
|
|
{
|
|
$ip = '1.1.1.1';
|
|
$ip2 = '2.2.2.2';
|
|
|
|
$server = array('HTTP_X_FORWARDED_FOR' => $ip .','. $ip2);
|
|
$this->assertEquals($ip2, getIpAddressFromProxy($server, array()));
|
|
|
|
$server = array('HTTP_X_FORWARDED_FOR' => $ip .' , '. $ip2);
|
|
$this->assertEquals($ip2, getIpAddressFromProxy($server, array()));
|
|
}
|
|
|
|
/**
|
|
* Test with a trusted IP address.
|
|
*/
|
|
public function testWithTrustedIp()
|
|
{
|
|
$ip = '1.1.1.1';
|
|
$ip2 = '2.2.2.2';
|
|
|
|
$server = array('HTTP_X_FORWARDED_FOR' => $ip);
|
|
$this->assertFalse(getIpAddressFromProxy($server, array($ip)));
|
|
|
|
$server = array('HTTP_X_FORWARDED_FOR' => $ip .','. $ip2);
|
|
$this->assertEquals($ip2, getIpAddressFromProxy($server, array($ip)));
|
|
$this->assertFalse(getIpAddressFromProxy($server, array($ip, $ip2)));
|
|
}
|
|
}
|