[Koha-bugs] [Bug 36304] New: Update C4::Auth in_iprange function to work when Koha is hosted behind a cloudflare proxy

Wed Mar 13 09:17:01 CET 2024

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36304

            Bug ID: 36304
           Summary: Update C4::Auth in_iprange function to work when Koha
                    is hosted behind a cloudflare proxy
 Change sponsored?: ---
           Product: Koha
           Version: 23.05
          Hardware: All
                OS: All
            Status: NEW
          Severity: major
          Priority: P5 - low
         Component: Architecture, internals, and plumbing
          Assignee: koha-bugs at lists.koha-community.org
          Reporter: vanoudt at gmail.com
        QA Contact: testopia at bugs.koha-community.org

Created attachment 163104
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=163104&action=edit
Patch CF::Auth in_iprange to allow for CloudFlare proxying

When Koha is run behind a cloudflare proxy, cloudflare obfuscates the
REMOTE_ADDR that is provided to koha. It does, however, add another header that
we can use to check the actual origin of the client - HTTP_CF_CONNECTING_IP.
This patch simply checks to see if this new header is present, indicating koha
is behind the cloudflare poroxy, and uses it instead of REMOTE_ADDR to check if
a client's IP address is in a valid range.

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.