On 16/09/2009, at 4:48 PM, Aryeh Gregor wrote: > On Wed, Sep 16, 2009 at 11:29 AM, Anthony <[email protected]> wrote: >> The only one I can think of that I know of directly would be the IP >> spoofing >> one where the attacker pretended to be a proxy and sent a false "IP >> forwarded" or whatever. > > That shouldn't work if MediaWiki is configured with a correct list of > trusted proxies.
We were checking $_SERVER['X_FORWARDED_FOR'], which reads the X- Forwarded-For header. Unfortunately, it could be overridden by sending an X_Forwarded_For header. We resolved it by using the apache-specific header retrieval functions instead of PHP's broken internal implementation. -- Andrew Garrett [email protected] http://werdn.us/ _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
