diff options
| author | Brice Figureau <brice-puppet@daysofwonder.com> | 2009-05-30 23:25:08 +0200 |
|---|---|---|
| committer | James Turnbull <james@lovedthanlost.net> | 2009-06-05 07:59:56 +1000 |
| commit | f3b40923605420f774dac298fb1708de180c0a81 (patch) | |
| tree | af7ebe00f208dd3a1f3d6089ca5732ee0e01260e /lib/puppet/network/http/mongrel | |
| parent | 7b0413e59ed0d4391a5ff54fb3cd08f0d005c26d (diff) | |
| download | puppet-f3b40923605420f774dac298fb1708de180c0a81.tar.gz puppet-f3b40923605420f774dac298fb1708de180c0a81.tar.xz puppet-f3b40923605420f774dac298fb1708de180c0a81.zip | |
Fix #2308 - Mongrel should use X-Forwarded-For
Mongrel puppet code uses REMOTE_ADDR to set the ip address which will
be use to authenticate the client access.
Since mongrel is always used in a proxy mode with Puppet, REMOTE_ADDR
is always the address of the proxy (usually 127.0.0.1), which defeats
the purpose.
With this changeset, the mongrel code now uses the X-Forwarded-For
HTTP header value if it is passed over the REMOTE_ADDR.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
Diffstat (limited to 'lib/puppet/network/http/mongrel')
| -rw-r--r-- | lib/puppet/network/http/mongrel/rest.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/puppet/network/http/mongrel/rest.rb b/lib/puppet/network/http/mongrel/rest.rb index 2f49506c8..fe3f51d35 100644 --- a/lib/puppet/network/http/mongrel/rest.rb +++ b/lib/puppet/network/http/mongrel/rest.rb @@ -62,7 +62,7 @@ class Puppet::Network::HTTP::MongrelREST < Mongrel::HttpHandler def client_info(request) result = {} params = request.params - result[:ip] = params["REMOTE_ADDR"] + result[:ip] = params["HTTP_X_FORWARDED_FOR"] ? params["HTTP_X_FORWARDED_FOR"].split(',').last.strip : params["REMOTE_ADDR"] # JJM #906 The following dn.match regular expression is forgiving # enough to match the two Distinguished Name string contents |