IP address from XFF header contains spaces
mindgame - September 17, 2008 - 09:44
Description
In "includes/bootstrap.inc", function "ip_address":
Instead of
array_pop(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']))
shouldn't it be
trim(array_pop(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])))
because when the XFF header contains multiple addresses they are separated by ", ".
Same for D7.

#1
No RFC, but according to wikipedia:
So it indeed looks as if we should either explode using
', 'instead of','or wrap the array_pop in trim as per your suggestion.#2
Patch.
#3
Patch looks good. Maybe extend the code comment a bit? That wouldn't hurt.
#4
Rewrote the comment to provide some extra documentation/clarification.
#5
Committed to CVS HEAD. Thanks.
#6
Automatically closed -- issue fixed for 2 weeks with no activity.