aboutsummaryrefslogtreecommitdiffstats
path: root/includes/ProxyTools.php
Commit message (Collapse)AuthorAgeFilesLines
* Skip IP::isInRange() test if input is not in CIDR notationBryan Davis2013-11-131-1/+2
| | | | | | | | | | | | | | IP:isInRange() performs several moderately expensive tests via regular expression matching that can cause unwanted load with a sufficiently complicated runtime configuration. Check the $wgSquidServersNoPurge value to see if it includes the CIDR mask separator token ('/') before continuing on to perform those more expensive tests. Follows up Ia81bed7d8b42a2d2b200a3ce45a74e3784cdca2a Bug: 52829 Change-Id: Ia557cb54f3a1bf67c8282140ab748369faa83028
* Short circuit $wgSquidServersNoPurge iteration if ip is specificallyReedy2013-11-131-1/+2
| | | | | | | | listed. Quicker! Follows up I49e34bdf13e8e8c6cd169c362c283fe1034bdc6d Change-Id: Ia81bed7d8b42a2d2b200a3ce45a74e3784cdca2a
* Support CIDR ranges in $wgSquidServersNoPurgeBryan Davis2013-11-071-2/+14
| | | | | | | | | | | | | | | Use IP::isInRange() in wfIsConfiguredProxy() to allow matching against CIDR entries in $wgSquidServersNoPurge. This will allow maintainers of large networks to whitelist contiguous blocks of IPv4 and/or IPv6 addresses as trusted X-Forwarded-For providers. This change also makes a small change to WebRequestTest::testGetIpLackOfRemoteAddrThrowAnException() which was failing under some configurations due to non-default globals configuration. Bug: 52829 Change-Id: I49e34bdf13e8e8c6cd169c362c283fe1034bdc6d
* Remove proxy check in EditPage.phpKevin Israel2013-10-211-40/+0
| | | | | | | | | $wgBlockOpenProxies, $wgProxyPorts, $wgProxyScriptPath, and $wgProxyMemcExpiry have been removed, along with the open proxy scanner script they were added for. Bug: 54597 Change-Id: Id4c7521443f04995df3d8762d23629c18ada76f8
* Spellchecked /includes directoryYuri Astrakhan2013-03-131-2/+2
| | | | | | | | | * Ran spell-checker over code comments in /includes/ * A few spellchecking fixes for wfDebug() calls Found one very strange (NOOP?) line in Linker.php - see "TODO: BUG?" Change-Id: Ibb86b51073b980eda9ecce2cf0b8dd33f058adbf
* fix some spacingumherirrender2013-02-041-1/+1
| | | | Change-Id: I8f976013f33c5818e4402604fe8610aa3f43b0c6
* Added missing GPLv2 headers in some places.Alexandre Emsenhuber2012-05-111-1/+16
| | | | | | Also made file/class documentation more consistent. Change-Id: Ia45d0756cd84138da267bf1cbd1a58be7f28c6d1
* Refactors the check if a particular IP is in the list of configured squid ↵Arthur Richards2012-02-211-2/+11
| | | | | | | servers into its own function. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/112050
* added missing deprecation noticesJeroen De Dauw2011-12-131-1/+3
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/106070
* Expand some more URLs: for feeds, referers and the proxy scriptRoan Kattouw2011-08-191-1/+1
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/95016
* Removed mention of AOL, no longer true since r39892Alexandre Emsenhuber2011-08-181-3/+4
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/94946
* Moved wfGetIP() to WebRequest::getIP():Alexandre Emsenhuber2011-08-181-97/+13
| | | | | | | | | * Changed all calls in core to the latter * Also marked wfGetForwardedFor() as deprecated * Moved wfGetIP() tests to WebRequestTest Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/94932
* Tests for wfGetIP() follow up r89407Antoine Musso2011-08-161-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * wfGetIP() now support resetting its internal static variable. Thanks to Platonides which introduced this trick with r92960. * Various tests for $_SERVER['REMOTE_ADDR'] and $wgCommandLineMode. revert r94575: - reenable testGetFromServerRemoteAddr() which was not an issue reintroduce r94558: - per CR on r94558 by Aaron use meaningful parameter to wfGetIP() when resetting the static variable ( 'reset' instead of true). - keep testLackOfRemoteAddrThrowAnException() test in the broken group with a comment for later fixing. TODO: - implements tests for XFF headers. TEST PLAN: $ ./phpunit.php --filter wfGetIP --testdox PHPUnit 3.5.14 by Sebastian Bergmann. wfGetIP [x] Get loopback address when in command line [x] Get from server remote addr [x] Lack of remote addr throw an exception $ Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/94638
* back off r94558:Antoine Musso2011-08-151-7/+1
| | | | | | | | | | | | | | | | - reverts ./includes/ProxyTools.php - marks tests broken In our test suite, the first call to wfGetIP() set the static variable. Hence the remaining of the code is only tested on the first call to it. Resetting the static variable enlight a bug somewhere in our code where we are calling wfGetIP() but can not reliably get an IP, somehow REMOTE_ADDR does not exist and $wgCommandLineMode is disabled. Will have to track this bug further when I got time. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/94577
* Tests for wfGetIP() follow up r89407Antoine Musso2011-08-151-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | * wfGetIP() now support resetting its internal static variable. Thanks to Platonides which introduced this trick with r92960. * Various tests for $_SERVER['REMOTE_ADDR'] and $wgCommandLineMode. TODO: - implements tests for XFF headers. TEST PLAN: $ ./phpunit.php --filter wfGetIP --testdox PHPUnit 3.5.14 by Sebastian Bergmann. wfGetIP [x] Get loopback address when in command line [x] Get from server remote addr [x] Lack of remote addr throw an exception $ Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/94558
* * Revert r94487 and r19889 to an extent -- ONLY check for the ↵Ryan Schmidt2011-08-151-10/+1
| | | | | | | X-Forwarded-For header when we are behind a proxy, as mostly every properly configured proxy software sets it, and attempting to support those that do not opens up the ability to spoof IP addresses by setting arbitrary headers. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/94489
* When MediaWiki is being run behind a proxy, also check the X-Real-IP header ↵Ryan Schmidt2011-08-151-1/+5
| | | | | | | to determine the client's actual IP address (some servers such as nginx might set this instead of X-Forwarded-For depending on configuration). Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/94487
* Update code comments that point to 1.18 to point to 1.19Sam Reed2011-07-181-1/+1
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/92498
* Moved wfIsLocallyBlockedProxy() to User::isLocallyBlockedProxy() to put it ↵Alexandre Emsenhuber2011-06-191-32/+0
| | | | | | | | | near other proxy checks. No other call to that function in core or extension. Also added a check to not execute a part of User::getBlockedStatus() if $ip is null. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/90393
* Swap else if for elseifSam Reed2011-06-171-1/+1
| | | | | | | | | Trimming trailing whitespace also Doing in 3 commits (2/3), so hopefully reviewable in CR... Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/90281
* Don't execute the loop if there's no X-Forwarded-For header, also don't use ↵Alexandre Emsenhuber2011-06-031-21/+18
| | | | | | | isset() to check only for null Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/89407
* Deprecated wfGetAgent(), use $wgRequest->getHeader( 'User-Agent' ) insteadAlexandre Emsenhuber2011-06-031-0/+3
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/89405
* Removed more functions marked for removal in 1.19: wfParseCIDR(), ↵Alexandre Emsenhuber2011-05-061-11/+0
| | | | | | | wfRFC822Phrase() and userMailer(). Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/87558
* Type hintingSam Reed2011-04-251-9/+4
| | | | | | | | | Braces Remove extra whitespace Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/86902
* Fix some Notices:Paul Copperman2011-04-111-2/+3
| | | | | | | | | * LanguageKaa.php: Fix ucfirst and lcfirst for empty strings. * SkinTemplate.php: Fix undefined array access. * ProxyTools.php: When running hiphop in cli mode, apache_request_headers() returns null. Fix wfGetForwardedFor() to account for that. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/85800
* Mark wfParseCIDR(), was moved to IP::parseCIDR() in r16625; also tag for ↵Alexandre Emsenhuber2010-11-071-0/+3
| | | | | | | removal, no use in core or extensions. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/76251
* Remove $wgIP global, but add a hook instead.Platonides2010-09-111-5/+7
| | | | | | | | This allows extensions to "make mediawiki ignore ips completely", as requested earlier today in #mediawiki Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/72803
* * Standardised file description headersAlexandre Emsenhuber2010-08-141-0/+1
| | | | | | | | * Added some descriptions * Added @file where needed Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/71078
* fix some doxygen errorsAlexandre Emsenhuber2009-12-111-1/+1
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/59976
* $fname -> __METHOD__Alexandre Emsenhuber2009-11-071-3/+2
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/58709
* Followup to r52671, fix redirection syntax to work with windows as well.OverlordQ2009-08-251-1/+1
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/55575
* Use wfGetNull() instead of hardcoded /dev/nullChad Horohoe2009-07-021-1/+1
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/52671
* Fix for r51774, r51784: set '127.0.0.1' as IP for CLI, but with explicit ↵Alexandre Emsenhuber2009-06-121-1/+3
| | | | | | | check for $wgCommandLineMode so that the exception "Unable to determine IP" is not thrown in this case. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/51785
* Fixes for r51774:Alexandre Emsenhuber2009-06-121-3/+4
| | | | | | | | | * declare $ip and $ipchain so that it doesn't throw notices and warnings * don't set $ip to false after getting it from $_SERVER['REMOTE_ADDR'], otherwise it won't work when there's no XFF header * fix logic when throwing the exception: throw it when there's no IP Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/51784
* Revert r51725 (fall back to 127.0.0.1 when IP cannot be determined). On ↵Chad Horohoe2009-06-121-6/+11
| | | | | | | further discussion, it's best if we don't make up a fake IP. Tweak the logic here a bit (per Tim) to let XFF attempt to determine the actual IP. Throw an exception if we can't. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/51774
* (bug 18173) Login form exception on malformed REMOTE_ADDR, wfGetIP() now ↵Chad Horohoe2009-06-111-2/+2
| | | | | | | falls back to 127.0.01 if the IP cannot be determined, which is more sane than returning null. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/51725
* Revert r44254 "Cleanup to wfGetNull(): * Add override in case /dev/null ↵Brion Vibber2008-12-101-1/+1
| | | | | | | | | | | | isn't accessible (bug 11009)" Doesn't seem like a proper fix here... At best, this'll be dumping random crap to some random file unless the user has a local copy of the /dev/null device file, which seems.... wrong. :) For anything generating command lines, it probably won't make any difference (assuming exec() is enabled at all!) since open_basedir won't be searching through the command line (I think). Assuming the core use case actually happens (open_basedir is set, but proc_open() is available to run tidy), a more correct fix is probably to go ahead and read in stderr and toss the results, or maybe better pass it through to PHP's stderr FD instead of opening /dev/null ourselves. Tidy has a -q option which should suppress random "hi i'm tidy version XYZ" if it's currently present. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/44428
* Cleanup to wfGetNull():Chad Horohoe2008-12-051-1/+1
| | | | | | | | * Add override in case /dev/null isn't accessible (bug 11009) * Use wfGetNull() in ProxyTools rather than hardcoding it Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/44254
* Added a new configuration option ($wgUsePrivateIPs) to force MediaWiki to ↵Charles Melbye2008-11-201-3/+5
| | | | | | | use forwarded Private IPs from a Proxy server Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/43784
* Reverting r40323, as per comments on wikitech-l. Deprecated doesn't mean ↵Tim Starling2008-09-031-2/+2
| | | | | | | removed. It doesn't even mean it'll be removed in the future. It just means you shouldn't use it. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/40354
* Fully deprecate $wgProxyKey. Has been marked as deprecated since 1.4, but ↵Chad Horohoe2008-09-021-2/+2
| | | | | | | never seems to have been done. Sites with $wgProxyKey set will continue to use the setting (added a fallback in Setup). Fixes bugs 9258 and 12089. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/40323
* Removed the AOL hack. Use the TrustedXFF extension instead.Tim Starling2008-08-241-49/+1
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/39892
* Add comment explaining mystery list of IP addressesAryeh Gregor2008-07-011-0/+1
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/36868
* WARNING: HUGE COMMITAlexandre Emsenhuber2008-05-201-0/+1
| | | | | | | | | | | | | | | | | | Doxygen documentation update: * Changed alls @addtogroup to @ingroup. @addtogroup adds the comment to the group description, but doesn't add the file, class, function, ... to the group like @ingroup does. See for example http://svn.wikimedia.org/doc/group__SpecialPage.html where it's impossible to see related files, classes, ... that should belong to that group. * Added @file to file description, it seems that it should be explicitely decalred for file descriptions, otherwise doxygen will think that the comment document the first class, variabled, function, ... that is in that file. * Removed some empty comments * Removed some ?> Added following groups: * ExternalStorage * JobQueue * MaintenanceLanguage One more thing: there are still a lot of warnings when generating the doc. Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/35098
* * remove end of line whitespaceSiebrand Mazeland2008-04-141-9/+5
| | | | | | | | * remove empty lines at end of file * remove "?>" where still present Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/33276
* Withespaces fixes.Alexandre Emsenhuber2008-03-081-4/+4
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/31708
* Fix for 13281: Normalize header names as per RFC 2616Anders Wegge Jakobsen2008-03-071-5/+12
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/31694
* * Update docs/memcached.txtAlexandre Emsenhuber2008-03-011-12/+5
| | | | | | | * Kill call to $wgUseMemCached in includes/ProxyTools.php Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/31425
* Remove ?>'s from files. They're pointless, and just asking for people to ↵Aryeh Gregor2007-06-291-1/+1
| | | | | | | mess with the files and add trailing whitespace. (Yes, I looked over every one and reverted those that were bogus. Slash-enter a million times in less worked well enough, although it was a bit mind-numbing.) Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/23531
* *Remove wfGetLastIPfromXFF() from r19889Aaron Schulz2007-04-241-29/+0
| | | | Notes: http://mediawiki.org/wiki/Special:Code/MediaWiki/21542
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-24 18:00:32 +0000