diff options
| author | rinpatch <rinpatch@sdf.org> | 2020-01-29 23:59:27 +0300 |
|---|---|---|
| committer | rinpatch <rinpatch@sdf.org> | 2020-01-30 00:06:58 +0300 |
| commit | 889965141a1411dd546757fbb964695bd8f712d7 (patch) | |
| tree | 4c2e58cdf1f0e0bb1c5c20f4671eada7eb5b0091 /lib | |
| parent | f5cb2af85a2a3798d18d887b5947a65979cb65b9 (diff) | |
| download | pleroma-889965141a1411dd546757fbb964695bd8f712d7.tar.gz pleroma-889965141a1411dd546757fbb964695bd8f712d7.zip | |
RemoteIp: only trust X-Forwarded-For
Our nginx config will happily pass `Forwarded`/`X-Real-IP` from the
client. Caddy, Apache and Varnish pass `X-Forwarded-For` as well anyway.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/plugs/remote_ip.ex | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/lib/pleroma/plugs/remote_ip.ex b/lib/pleroma/plugs/remote_ip.ex index fdedc27ee..1cd5af48a 100644 --- a/lib/pleroma/plugs/remote_ip.ex +++ b/lib/pleroma/plugs/remote_ip.ex @@ -10,10 +10,7 @@ defmodule Pleroma.Plugs.RemoteIp do @behaviour Plug @headers ~w[ - forwarded x-forwarded-for - x-client-ip - x-real-ip ] # https://en.wikipedia.org/wiki/Localhost |