From 74a9cadc501791eaa42b43a7e66eb23a31b2135f Mon Sep 17 00:00:00 2001
From: Joas Schilling
Date: Thu, 2 Jul 2020 11:05:02 +0200
Subject: Fix IPv6 remote addresses from X_FORWARDED_FOR headers before validating
Signed-off-by: Joas Schilling
---
lib/private/AppFramework/Http/Request.php | 6 ++++++
1 file changed, 6 insertions(+)
(limited to 'lib')
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php
index 12748e0dd62..6428f7116b0 100644
--- a/lib/private/AppFramework/Http/Request.php
+++ b/lib/private/AppFramework/Http/Request.php
@@ -653,6 +653,12 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 if (isset($this->server[$header])) {
 foreach (explode(',', $this->server[$header]) as $IP) {
 $IP = trim($IP);
+
+ // remove brackets from IPv6 addresses
+ if (strpos($IP, '[') === 0 && substr($IP, -1) === ']') {
+ $IP = substr($IP, 1, -1);
+ }
+
 if (filter_var($IP, FILTER_VALIDATE_IP) !== false) {
 return $IP;
 }
--
cgit v1.2.3
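Review bot: The bracket check added before `filter_var()` only matches when `]` is the last character, so a forwarded entry that carries a port, e.g. `[2001:db8::1]:443` (constructed example), still fails validation and is skipped. What happens after a skipped entry is outside the hunk (the enclosing method starts and ends beyond it), but presumably a later entry or the proxy's own address is returned instead, which would skew anything keyed on the client address such as throttling or audit logs. If proxies that append the source port are to be supported, match the optional port as well, `if (preg_match('/^\[(.+)\](:\d+)?$/', $IP, $m) === 1) { $IP = $m[1]; }`, and leave the final decision to the existing `filter_var()` call. The diffstat shows only Request.php changed, so a unit test feeding a bracketed X-Forwarded-For value through this path would be worth adding alongside.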