X_FORWARDED_FOR standard states either just an IP or a comma seperated list of IP, Proxy, Proxy, ...
This commit is contained in:
parent
a118d1d921
commit
90a9fd49e6
|
@ -140,7 +140,7 @@ class WC_Geolocation {
|
|||
} elseif ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) { // WPCS: input var ok, CSRF ok.
|
||||
// Proxy servers can send through this header like this: X-Forwarded-For: client1, proxy1, proxy2
|
||||
// Make sure we always only send through the first IP in the list which should always be the client IP.
|
||||
return (string) rest_is_ip_address( trim( current( preg_split( '/[,:]/', sanitize_text_field( wp_unslash( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) ) ) ) ); // WPCS: input var ok, CSRF ok.
|
||||
return (string) rest_is_ip_address( trim( current( preg_split( '/,/', sanitize_text_field( wp_unslash( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) ) ) ) ); // WPCS: input var ok, CSRF ok.
|
||||
} elseif ( isset( $_SERVER['REMOTE_ADDR'] ) ) { // @codingStandardsIgnoreLine
|
||||
return sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) ); // @codingStandardsIgnoreLine
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue