interkollektives/lichterei-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade to 3.3.6

Browse Source
This commit is contained in:
Bastian Allgeier
2020-04-27 15:39:33 +02:00
parent 1f2f39ce58
commit e64a392079
19 changed files with 806 additions and 3572 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
kirby/src/Cms/System.php
View File

@@ -189,21 +189,14 @@ class System
*/
public function isLocal(): bool
{
$server = $this->app->server();
$host = $server->host();
$server = $this->app->server();
$visitor = $this->app->visitor();
$host = $server->host();
if ($host === 'localhost') {
return true;
}
if (in_array($server->address(), ['::1', '127.0.0.1', '0.0.0.0']) === true) {
return true;
}
if (Str::endsWith($host, '.dev') === true) {
return true;
}
if (Str::endsWith($host, '.local') === true) {
return true;
}
@@ -212,6 +205,27 @@ class System
return true;
}
if (in_array($visitor->ip(), ['::1', '127.0.0.1']) === true) {
// ensure that there is no reverse proxy in between
if (
isset($_SERVER['HTTP_X_FORWARDED_FOR']) === true &&
in_array($_SERVER['HTTP_X_FORWARDED_FOR'], ['::1', '127.0.0.1']) === false
) {
return false;
}
if (
isset($_SERVER['HTTP_CLIENT_IP']) === true &&
in_array($_SERVER['HTTP_CLIENT_IP'], ['::1', '127.0.0.1']) === false
) {
return false;
}
// no reverse proxy or the real client also comes from localhost
return true;
}
return false;
}

2
kirby/src/Http/Visitor.php
View File

@@ -55,7 +55,7 @@ class Visitor
*/
public function __construct(array $arguments = [])
{
$this->ip($arguments['ip'] ?? getenv('REMOTE_ADDR'));
$this->ip($arguments['ip'] ?? $_SERVER['REMOTE_ADDR'] ?? '');
$this->userAgent($arguments['userAgent'] ?? $_SERVER['HTTP_USER_AGENT'] ?? '');
$this->acceptedLanguage($arguments['acceptedLanguage'] ?? $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? '');
$this->acceptedMimeType($arguments['acceptedMimeType'] ?? $_SERVER['HTTP_ACCEPT'] ?? '');