[MediaWiki-commits] [Gerrit] VCL: clear XFF if empty - change (operations/puppet)

Thu, 10 Dec 2015 08:16:04 -0800 

BBlack has submitted this change and it was merged.

Change subject: VCL: clear XFF if empty
......................................................................


VCL: clear XFF if empty

Change-Id: Ic606db2bef6f7fba5c66c8849652ce121e49a7ce
---
M modules/varnish/templates/vcl/wikimedia.vcl.erb
1 file changed, 6 insertions(+), 0 deletions(-)

Approvals:
  BBlack: Verified; Looks good to me, approved



diff --git a/modules/varnish/templates/vcl/wikimedia.vcl.erb 
b/modules/varnish/templates/vcl/wikimedia.vcl.erb
index ead9197..527a029 100644
--- a/modules/varnish/templates/vcl/wikimedia.vcl.erb
+++ b/modules/varnish/templates/vcl/wikimedia.vcl.erb
@@ -420,6 +420,12 @@
                // "junk2, 123.123.123.123" -> "2, 123.123.123.123"
                set req.http.X-Forwarded-For = regsub(req.http.X-Forwarded-For,
                        "^.*?([0-9A-Fa-f:.]+(, [0-9A-Fa-f:.]+)*)? ?$", "\1");
+
+               // Clear header if empty after all the above, to avoid messing
+               // up our normal XFF-append code later
+               if (req.http.X-Forwarded-For == "") {
+                       unset req.http.X-Forwarded-For;
+               }
        }
 
        // There are two possible cases here: either nginx acted as our TLS

-- 
To view, visit https://gerrit.wikimedia.org/r/258160
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ic606db2bef6f7fba5c66c8849652ce121e49a7ce
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: BBlack <[email protected]>
Gerrit-Reviewer: BBlack <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to