-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove ProxyMiddleware #5607
Remove ProxyMiddleware #5607
Changes from 1 commit
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,15 +17,23 @@ | |
|
||
|
||
def get_client_ip(request): | ||
"""Gets the real IP based on a request object.""" | ||
ip_address = request.META.get('REMOTE_ADDR') | ||
""" | ||
Gets the real client's IP address. | ||
|
||
It returns the real IP address of the client based on ``HTTP_X_FORWARDED_FOR`` | ||
header. If the header is not found, it returns ``None``. | ||
""" | ||
|
||
x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR', '') | ||
|
||
# Get the original IP address (eg. "X-Forwarded-For: client, proxy1, proxy2") | ||
x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR', '').split(',')[0] | ||
if x_forwarded_for: | ||
ip_address = x_forwarded_for.rsplit(':')[0] | ||
# HTTP_X_FORWARDED_FOR can be a comma-separated list of IPs. | ||
# The client's IP will be the first one. | ||
# (eg. "X-Forwarded-For: client, proxy1, proxy2") | ||
real_ip = x_forwarded_for.split(',')[0].strip() | ||
return real_ip | ||
|
||
return ip_address | ||
return None | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. There's two cases here and these changes neglect one of them:
This function is used in advertising code for geo-targeting as well as being used for server side analytics (currently used in advertising but in the future might replace Google Analytics JS) but the middleware can be safely removed. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @davidfischer Will there be any case in which both of these headers are not found? Currently the implementation returns |
||
|
||
|
||
def anonymize_ip_address(ip_address): | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This logic was removed and also shouldn't be. The X-Forwarded-For header is not exactly a standard but some implementations include a port number. This line strips that port number.
This function is correct and working as-is. Is there a reason to change it? I do appreciate comments which capture the reasoning though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@davidfischer
Thank you for this information. I didn't found this while searching about the header and removed this line thinking that it can produce bugs.
I have updated the code.
The only reason was the readability and to improve comments.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should add tests for this also.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ericholscher
I have added the tests.