diff options
| author | Jim Popovitch <jimpop@gmail.com> | 2015-06-23 13:40:09 +0000 |
|---|---|---|
| committer | Jim Popovitch <jimpop@gmail.com> | 2015-06-23 13:40:09 +0000 |
| commit | 28f5f0ce0be5529598124bbe5e0d72b0fd605e69 (patch) | |
| tree | 50ba7d691efa59a0c45d740993c20c392bf4f94b /Mailman/Utils.py | |
| parent | ab19a1505dd93eca5d9ca6792740c9eb56302cfe (diff) | |
| download | mailman2-28f5f0ce0be5529598124bbe5e0d72b0fd605e69.tar.gz mailman2-28f5f0ce0be5529598124bbe5e0d72b0fd605e69.tar.xz mailman2-28f5f0ce0be5529598124bbe5e0d72b0fd605e69.zip | |
Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239)
Diffstat (limited to 'Mailman/Utils.py')
| -rw-r--r-- | Mailman/Utils.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/Mailman/Utils.py b/Mailman/Utils.py index e7eaa389..36c08aaf 100644 --- a/Mailman/Utils.py +++ b/Mailman/Utils.py @@ -262,7 +262,11 @@ def GetPathPieces(envar='PATH_INFO'): if path: if CRNLpat.search(path): path = CRNLpat.split(path)[0] - syslog('error', 'Warning: Possible malformed path attack.') + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('error', 'Warning: Possible malformed path attack domain=%s remote=%s' % get_domain(), remote) return [p for p in path.split('/') if p] return None |