Skip to content
Commit 95009316 authored by Jim Jagielski's avatar Jim Jagielski
Browse files

Merge r1688399 from trunk:

mod_remoteip: Use r->useragent_addr as the root trusted address for verifying.

This fixes issue resulting in setting of bad useragent_ip when internal
redirection has been generated as response to the request (typically as
result of "ErrorDocument 40x").

In this case, the original request has been handled by mod_remoteip and its
useragent_ip has been changed properly, but when internal redirection
to ErrorDocument has been generated later, the mod_remoteip's handler has been
executed again with *the same* c->client_addr as in the original request. If
c->client_addr IP is trusted, this results in bad useragent_ip being set.

When using r->useragent_addr as the root trusted address instead of
c->client_addr, the internal redirection uses the first non-trusted
IP in this particular case, so it won't change the r->useragent_ip during
the internal redirection to ErrorDocument.

Submitted by: jkaluza
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767483 13f79535-47bb-0310-9956-ffa450edef68
parent 4b5ca1c7
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment