Last modified: 2007-04-24 19:09:41 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T11678, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 9678 - Record client IP in cuc_xff_hex
Record client IP in cuc_xff_hex
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
Special pages (Other open bugs)
1.10.x
PC Windows XP
: Normal normal (vote)
: ---
Assigned To: Aaron Schulz
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-04-24 15:11 UTC by Aaron Schulz
Modified: 2007-04-24 19:09 UTC (History)
1 user (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments
Patch for ProxyTools (1.52 KB, patch)
2007-04-24 15:19 UTC, Aaron Schulz
Details
Trim, anchor (1.52 KB, patch)
2007-04-24 15:30 UTC, Aaron Schulz
Details
Test if each server is trusted (2.09 KB, patch)
2007-04-24 15:58 UTC, Aaron Schulz
Details
Remove test line, ignore NULL $addresses (1.96 KB, patch)
2007-04-24 16:01 UTC, Aaron Schulz
Details
Move to checkuser.php (2.20 KB, patch)
2007-04-24 18:13 UTC, Aaron Schulz
Details
Use right cvs checking (2.18 KB, patch)
2007-04-24 18:32 UTC, Aaron Schulz
Details

Description Aaron Schulz 2007-04-24 15:11:49 UTC
Currently, the last IP of XFF strings is recorded, this should be changed to the
first one, since the format is:

client, server, server
Comment 1 Aaron Schulz 2007-04-24 15:19:44 UTC
Created attachment 3512 [details]
Patch for ProxyTools

The wfGetLastIPfromXFF() should no longer be used, and this instead for
checkuser.
Comment 2 Rob Church 2007-04-24 15:20:31 UTC
Please remember to add wikibugs-l@wikipedia.org to the CC list when assigning bugs.
Comment 3 Brion Vibber 2007-04-24 15:25:07 UTC
Is this regex meant to match text such as
"aklsdjflkjkldsfjfsdsfda1.2.3.4askdflksdjlkf"?

There's no anchoring at the start or end, so it'll pull the match out of the middle.

More generally, there's no use to pulling only a single item from the XFF line,
as it can't be relied upon unless with intermediate items are trusted. What's
this function meant to be used for, and is there a better way to accomplish it?
Comment 4 Aaron Schulz 2007-04-24 15:30:29 UTC
Created attachment 3513 [details]
Trim, anchor

It is for checkuser. If the checkuser believes any other ones to be
useful/accurate, then they can use those results, rather than just a regexp.

The column is used to search all edits that were made with a given IP acting
behind a proxy according to the XFFs. The trusted ones are highlighted green in
results queries.
Comment 5 Aaron Schulz 2007-04-24 15:58:24 UTC
Created attachment 3514 [details]
Test if each server is trusted
Comment 6 Aaron Schulz 2007-04-24 16:01:00 UTC
Created attachment 3515 [details]
Remove test line, ignore NULL $addresses
Comment 7 Aaron Schulz 2007-04-24 18:13:30 UTC
Created attachment 3518 [details]
Move to checkuser.php
Comment 8 Aaron Schulz 2007-04-24 18:32:42 UTC
Created attachment 3519 [details]
Use right cvs checking
Comment 9 Aaron Schulz 2007-04-24 19:09:41 UTC
Done in r21541.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links