[Koha-bugs] [Bug 23068] Add ability for Koha to handle X-Forwarded-For headers so REMOTE_ADDR features work behind a proxy

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Fri Aug 23 20:23:15 CEST 2019


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23068

Kyle M Hall <kyle at bywatersolutions.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #90395|0                           |1
        is obsolete|                            |
  Attachment #91173|0                           |1
        is obsolete|                            |
  Attachment #91447|0                           |1
        is obsolete|                            |

--- Comment #12 from Kyle M Hall <kyle at bywatersolutions.com> ---
Created attachment 92461
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=92461&action=edit
Bug 23068: Add ability for Koha to handle X-Forwarded-For headers so
REMOTE_ADDR features work behind a proxy

Koha has a number of features that rely on knowing the IP address of the
connecting client. If that server is behind a proxy these features do not work.
This patch adds a module to automatically convert the X-Forwarded-For header
into the REMOTE_ADDR environment variable for both CGI and Plack processes.

TEST PLAN:
1) Apply this patch set
2) Install Plack::Middleware::RealIP via cpanm or your favorite utility
3) Update your plack.psgi with the changes you find in this patch set ( this
process differs based on your testing environment )
4) Restart plack
5) Tail the plack error log for your instance
6) Use curl to access the OPAC, adding an X-Forwarded-For header: curl --header
"X-Forwarded-For: 32.32.32.32" http://127.0.0.1:8080
7) Note the logs output this address if you are unproxied
8) If you are proxied, restart plack using a command like below, where the ip
you see in the logs ("REAL IP) is what you put in the koha conf:
    <koha_trusted_proxies>172.22.0.1 1.1.1.1</koha_trusted_proxies>
9) Restart all the things!
10) Repeat step 6
11) You should now see "REAL IP: 32.32.32.32" in the plack logs as the remote
address in your plack-error.log logs!
12) Disable plack so you are running in cgi mode, repeat step 6 again
13) You should see "REAL IP: 32.32.32.32" as the remove address in your
opac-error.log logs!

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list