[Koha-bugs] [Bug 23068] Add ability for Koha to handle X-Forwarded-For headers so REMOTE_ADDR features work behind a proxy

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Tue Jul 2 08:16:12 CEST 2019


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23068

--- Comment #7 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
Created attachment 91173
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=91173&action=edit
Bug 23068: Add ability for Koha to handle X-Forwarded-For headers so
REMOTE_ADDR features work behind a proxy

Koha has a number of features that rely on knowing the IP address of the
connecting client. If that server is behind a proxy these features do not work.
We can use Plack::Middleware::RealIP to automatically convert the
X-Forwarded-For header into the REMOTE_ADDR environment variable so no Koha
code need be modified.

We can take advantage of the module's trusted_proxy setting to allow Koha to
use these feature even after going through *multiple* proxies.

TEST PLAN:
1) Apply this patch set
2) Install Plack::Middleware::RealIP via cpanm or your favorite utility
3) Update your plack.psgi with the changes you find in this patch set ( this
process differs based on your testing environment )
4) Restart plack
5) Tail the plack error log for your instance
6) Use curl to access the OPAC, adding an X-Forwarded-For header: curl --header
"X-Forwarded-For: 32.32.32.32" http://127.0.0.1:8080
7) Note the logs output this address if you are unproxied
8) If you are proxied, restart plack using a command like below, where the ip
you see in the logs is what you put in the environment variable:
    KOHA_TRUSTED_PROXIES="172.22.0.1 1.1.1.1" koha-plack --restart kohadev
9) Repeat step 6
7) You should now see 32.32.32.32 as the remote address in your logs!

Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list