Fix IPv6 remote addresses from X_FORWARDED_FOR headers before validating

Signed-off-by: Joas Schilling <coding@schilljs.com>
author: Joas Schilling <coding@schilljs.com> 2020-07-02 11:05:02 +0200
committer: Joas Schilling <coding@schilljs.com> 2020-07-02 11:13:13 +0200
commit: 74a9cadc501791eaa42b43a7e66eb23a31b2135f (patch)
tree: f4c53ee27c0bcc1c668ba77f33e49b184ec79382 /lib
parent: ebedbf157968e40230a102c8f6f17c22990b0aae (diff)
download: nextcloud-server-74a9cadc501791eaa42b43a7e66eb23a31b2135f.tar.gz
nextcloud-server-74a9cadc501791eaa42b43a7e66eb23a31b2135f.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php
index 12748e0dd62..6428f7116b0 100644
--- a/lib/private/AppFramework/Http/Request.php
+++ b/lib/private/AppFramework/Http/Request.php
@@ -653,6 +653,12 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 				if (isset($this->server[$header])) {
 					foreach (explode(',', $this->server[$header]) as $IP) {
 						$IP = trim($IP);
+
+						// remove brackets from IPv6 addresses
+						if (strpos($IP, '[') === 0 && substr($IP, -1) === ']') {
+							$IP = substr($IP, 1, -1);
+						}
+
 						if (filter_var($IP, FILTER_VALIDATE_IP) !== false) {
 							return $IP;
 						}
author	Joas Schilling <coding@schilljs.com>	2020-07-02 11:05:02 +0200
committer	Joas Schilling <coding@schilljs.com>	2020-07-02 11:13:13 +0200
commit	74a9cadc501791eaa42b43a7e66eb23a31b2135f (patch)
tree	f4c53ee27c0bcc1c668ba77f33e49b184ec79382 /lib
parent	ebedbf157968e40230a102c8f6f17c22990b0aae (diff)
download	nextcloud-server-74a9cadc501791eaa42b43a7e66eb23a31b2135f.tar.gz nextcloud-server-74a9cadc501791eaa42b43a7e66eb23a31b2135f.zip