Show More
@@ -111,6 +111,9 b' app_instance_uuid = development-not-secr' | |||
|
111 | 111 | ## cut off limit for large diffs (size in bytes) |
|
112 | 112 | cut_off_limit = 256000 |
|
113 | 113 | |
|
114 | ## WSGI environment variable to get the IP address of the client (default REMOTE_ADDR) | |
|
115 | #remote_addr_variable = HTTP_X_FORWARDED_FOR | |
|
116 | ||
|
114 | 117 | ## always pretend the client connected using HTTPS (default false) |
|
115 | 118 | #force_https = true |
|
116 | 119 |
@@ -423,8 +423,12 b' somehow pass the original information on' | |||
|
423 | 423 | configured to pick that information up and trust it. |
|
424 | 424 | |
|
425 | 425 | Kallithea will by default rely on its WSGI server to provide the IP of the |
|
426 |
client in the WSGI environment as ``REMOTE_ADDR``, but it can |
|
|
427 | get it from the ``X-Real-IP`` or ``X-Forwarded-For`` HTTP headers. | |
|
426 | client in the WSGI environment as ``REMOTE_ADDR``, but it can be configured to | |
|
427 | get it from an HTTP header that has been set by the proxy server. For | |
|
428 | example, if the proxy server puts the client IP in the ``X-Forwarded-For`` | |
|
429 | HTTP header, set:: | |
|
430 | ||
|
431 | remote_addr_variable = HTTP_X_FORWARDED_FOR | |
|
428 | 432 | |
|
429 | 433 | Kallithea will by default rely on finding the protocol (``http`` or ``https``) |
|
430 | 434 | in the WSGI environment as ``wsgi.url_scheme``. If the proxy server puts |
@@ -81,20 +81,12 b' def _filter_proxy(ip):' | |||
|
81 | 81 | |
|
82 | 82 | |
|
83 | 83 | def get_ip_addr(environ): |
|
84 | proxy_key = 'HTTP_X_REAL_IP' | |
|
85 | proxy_key2 = 'HTTP_X_FORWARDED_FOR' | |
|
86 | def_key = 'REMOTE_ADDR' | |
|
87 | ||
|
88 | ip = environ.get(proxy_key) | |
|
89 | if ip: | |
|
90 | return _filter_proxy(ip) | |
|
91 | ||
|
92 | ip = environ.get(proxy_key2) | |
|
93 | if ip: | |
|
94 | return _filter_proxy(ip) | |
|
95 | ||
|
96 | ip = environ.get(def_key, '0.0.0.0') | |
|
97 | return _filter_proxy(ip) | |
|
84 | """The web server will set REMOTE_ADDR to the unfakeable IP layer client IP address. | |
|
85 | If using a proxy server, make it possible to use another value, such as | |
|
86 | the X-Forwarded-For header, by setting `remote_addr_variable = HTTP_X_FORWARDED_FOR`. | |
|
87 | """ | |
|
88 | remote_addr_variable = kallithea.CONFIG.get('remote_addr_variable', 'REMOTE_ADDR') | |
|
89 | return _filter_proxy(environ.get(remote_addr_variable, '0.0.0.0')) | |
|
98 | 90 | |
|
99 | 91 | |
|
100 | 92 | def get_path_info(environ): |
@@ -174,6 +174,9 b' app_instance_uuid = ${uuid()}' | |||
|
174 | 174 | <%text>##</%text> cut off limit for large diffs (size in bytes) |
|
175 | 175 | cut_off_limit = 256000 |
|
176 | 176 | |
|
177 | <%text>##</%text> WSGI environment variable to get the IP address of the client (default REMOTE_ADDR) | |
|
178 | #remote_addr_variable = HTTP_X_FORWARDED_FOR | |
|
179 | ||
|
177 | 180 | <%text>##</%text> always pretend the client connected using HTTPS (default false) |
|
178 | 181 | #force_https = true |
|
179 | 182 |
General Comments 0
You need to be logged in to leave comments.
Login now