realip_module

[Anatoli Marinov]

My patch for this issue was:
@@ -157,16 +157,13 @@
          len = r->headers_in.x_forwarded_for->value.len;
          ip = r->headers_in.x_forwarded_for->value.data;

-        for (p = ip + len - 1; p > ip; p--) {
-            if (*p == ' ' || *p == ',') {
-                p++;
-                len -= p - ip;
-                ip = p;
-                break;
-            }
-        }
+        p = ip;

-        break;
+        while(*p != ',' && *p != ' ' && p < p + len){
+            p++;
+        }
+        len = p - ip;
+        break;

      default: /* NGX_HTTP_REALIP_HEADER */

@@ -414,6 +411,7 @@

On 08/16/2011 12:46 PM, Anatoli Marinov wrote:
> Hello mates,
> I tried readip_module and I found it does not work as I expect.
> For example the header may looks like this:
> X-Forwarded-For: client1, proxy1, proxy2
>
> Where client1 should be the real ip address of the client, proxy1 
> should be the first proxy after the client and proxy2 should be the 
> last proxy after the client and the first before the nginx. Nginx has 
> the connection with proxy2.
> I think In this case readip_module should return client1 ip address. 
> It returns the latest address in the field - proxy2.
> What do you think? Is the behaviour wrong or I do not understand the 
> meaning of this header?
>
> p.s. http://en.wikipedia.org/wiki/X-Forwarded-For
>
> Thanks in advance.
> A. Marinov
>
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20110816/43f8aac8/attachment.html>