0001277: shop returns more than a single IP as User-Remote-IP

ID	Project	Category	View Status	Date Submitted	Last Update

0001277	OXID eShop (all versions)	4. ------ eShop Core -------	public	2009-09-01 18:12	2012-12-10 13:42

Reporter	d3	Assigned To
Priority	normal	Severity	minor	Reproducibility	always
Status	resolved	Resolution	fixed
Product Version	4.1.5 revision 21618
Fixed in Version	4.1.6 revision 22740

Summary	0001277: shop returns more than a single IP as User-Remote-IP
Description	We use oxUtilsServer::getRemoteAddress() in some modules to sent Client-IP to external services. In some cases we got from this method strings like this: "123.456.789.123, 127.0.0.1" Here we found an explanation: http://www.dyndnsservices.com/supp/viewtopic.php?f=7&p=12 Please check the result of $_SERVER["HTTP_X_FORWARDED_FOR"] as a valid IP-adress.
Tags	No tags attached.

Theme
Browser	All
PHP Version	5.2.6
Database Version	5.0.33

dainius.bigelis 2009-09-03 10:46 reporter ~0001619	@Developer: please check from the source code, if this $_SERVER["HTTP_X_FORWARDED_FOR"] is used in eshop source code. If yes - implement additional check for correct IP returned.

sarunas_valaskevicius 2009-09-16 17:07 reporter ~0001761	fixed in remote ip getter - returns just user ip, ignoring proxy