[Seaside] self requestContext request remoteAddress always

Norbert Hartl norbert at hartl.name
Sat Apr 13 12:20:15 UTC 2013

Am 13.04.2013 um 13:49 schrieb Sabine Knöfel <sabine.knoefel at gmail.com>:

> Hi Johann,
> thank you for your answer.
> I use the  "x-forwarded-for" entry header dict, which was suggested by
> Norbert.

Just a little note. The X-Fowarded-For header is a list of IPs. The idea is that every proxy/server that mangels the request is added to the list of IPs. So if you do 

($, split: (headerString  copyWithout: Character space)) first

you get the first IP which should be the client. I think in most cases you'll find a single ip but the above is more safe. 

The proposal of Johan is to use nginx as a helper to ease this process. By using the real ip module in nginx the server selects one address from available sources and sets a specific header. Might be a good idea to use it that way. At least I can find in my server configs the exact same line that Johan proposed. And that means he stole it from server. Damn you, belgian hacker!


More information about the seaside mailing list