Closed Bug 615348 Opened 14 years ago Closed 14 years ago

blacklist needs to honor X-Forwarded-For headers

Tracking

(Not tracked)

Status:

RESOLVED FIXED

People

(Reporter: Atoll, Assigned: tarek)

Details

:Atoll

Reporter

Description

•

14 years ago

we discovered that the blacklist functionality isn't reading X-Forwarded-For correctly.

Tarek found a line in middleware that, when changed from 'X_FORWARDED_FOR' to 'HTTP_X_FORWARDED_FOR', fixes part of the bug.

Then the blacklist IP is, quoted to preserve exactly:

"10.250.5.224, 10.250.64.84"

So we actually need to check and blacklist the first IP in that list, "10.250.5.224", rather than any of the others (there could be 3+).

Tarek Ziadé (:tarek)

Assignee

Comment 1

•

14 years ago

Fixed in http://hg.mozilla.org/services/server-key-exchange/rev/5c06017f47f7

Mike Connor [:mconnor]

Updated

•

14 years ago

Component: Server: Other → Server: Key Exchange

Reed Loden [:reed]

Updated

•

14 years ago

QA Contact: other-server → key-exchange-server

Tarek Ziadé (:tarek)

Assignee

Updated

•

14 years ago

Status: NEW → RESOLVED

Closed: 14 years ago

Resolution: --- → FIXED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

blacklist needs to honor X-Forwarded-For headers

Categories

(Cloud Services :: Server: Key Exchange, defect)

Tracking

(Not tracked)

People

(Reporter: Atoll, Assigned: tarek)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Updated

Updated