rename trustedproxy option to trustedproxies

We use a new format (array instead of regex) and need a sure way to
recognize it. Zebra's approach would not have survived the editing via
config manager.
As a side effect this also introduces a new language string, which is
good because the old one no longer applied.
Andreas Gohr
2025-01-09 16:17:44 +01:00
parent e449acd087
commit 19d5ba2778
4 changed files with 20 additions and 25 deletions


@ -162,14 +162,6 @@ $conf['readdircache'] = 0; //time cache in second for the readdir
$conf['search_nslimit'] = 0; //limit the search to the current X namespaces
$conf['search_fragment'] = 'exact'; //specify the default fragment search behavior
$conf['trustedproxy'] = ['::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'];
// Trusted proxy servers from which to read the X-Forwarded-For header.
// Each item in the array may be either an IPv4 or IPv6 address, or
// an IPv4 or IPv6 CIDR range (e.g. 10.0.0.0/8).
$conf['realip'] = false; // Enable reading the X-Real-IP header. Default: false.
// Only enable this if your server writes this header, otherwise it may be spoofed.
/* Feature Flags */
$conf['defer_js'] = 1; // Defer javascript to be executed after the page's HTML has been parsed. Setting will be removed in the next release.
$conf['hidewarnings'] = 0; // Hide warnings
@ -177,6 +169,15 @@ $conf['hidewarnings'] = 0; // Hide warnings
/* Network Settings */
$conf['dnslookups'] = 1; //disable to disallow IP to hostname lookups
$conf['jquerycdn'] = 0; //use a CDN for delivering jQuery?
$conf['trustedproxies'] = array('::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16');
// Trusted proxy servers from which to read the X-Forwarded-For header.
// Each item in the array may be either an IPv4 or IPv6 address, or
// an IPv4 or IPv6 CIDR range (e.g. 10.0.0.0/8).
$conf['realip'] = false; // Enable reading the X-Real-IP header. Default: false.
// Only enable this if your server writes this header, otherwise it may be spoofed.
// Proxy setup - if your Server needs a proxy to access the web set these
$conf['proxy']['host'] = '';
$conf['proxy']['port'] = '';
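Review bot: The relocated default `$conf['trustedproxies'] = array('::1', ...)` uses the long `array(...)` form, while the line it replaces and the rest of this file use short `[]` syntax; unless the long form is required by whatever rewrites this file, `$conf['trustedproxies'] = ['::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'];` keeps the file consistent. The comment block under it describes the entry format but not the consequence of a too-broad entry; adding `// Any client reaching the wiki through an address listed here can set its own X-Forwarded-For, so keep this to your real proxies.` would make the security trade-off visible to operators editing this file by hand.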


@ -136,7 +136,7 @@ class Ip
* Given the IP address of a proxy server, determine whether it is
* a known and trusted server.
*
* This test is performed using the config value `trustedproxy`.
* This test is performed using the config value `trustedproxies`.
*
* @param string $ip The IP address of the proxy.
*
@ -147,25 +147,17 @@ class Ip
global $conf;
// If the configuration is empty then no proxies are trusted.
if (empty($conf['trustedproxy'])) {
if (empty($conf['trustedproxies'])) {
return false;
}
if (is_string($conf['trustedproxy'])) {
// If the configuration is a string then treat it as a regex.
return preg_match('/' . $conf['trustedproxy'] . '/', $ip);
} elseif (is_array($conf['trustedproxy'])) {
// If the configuration is an array, then at least one must match.
foreach ($conf['trustedproxy'] as $trusted) {
if (Ip::ipMatches($ip, $trusted)) {
return true;
}
foreach ((array) $conf['trustedproxies'] as $trusted) {
if (Ip::ipMatches($ip, $trusted)) {
return true;
}
return false;
}
Logger::error('Invalid value for $conf[trustedproxy]');
Logger::error('Invalid value for $conf[trustedproxies]');
return false;
}
@ -251,7 +243,7 @@ class Ip
* The IPs are sourced from, in order of preference:
*
* - The X-Real-IP header if $conf[realip] is true.
* - The X-Forwarded-For header if all the proxies are trusted by $conf[trustedproxy].
* - The X-Forwarded-For header if all the proxies are trusted by $conf[trustedproxies].
* - The TCP/IP connection remote address.
* - 0.0.0.0 if all else fails.
*
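Review bot: In the `@ -147,25 +147,17` hunk the line `Logger::error('Invalid value for $conf[trustedproxies]');` appears to survive on the new side, but with the `is_string`/`is_array` branches removed and the value forced through `(array)`, control reaches it whenever the loop finds no match — every request arriving via an untrusted proxy would then be logged as an invalid configuration rather than simply rejected. If the rendered page's old/new split is as it looks, the tail of the method should be just `return false;` (the cast already guarantees something iterable), or the log call should be guarded by an explicit check such as `if (!is_array($conf['trustedproxies']))` placed before the loop. The `(array)` cast also means a scalar value becomes a one-element list passed to `Ip::ipMatches()` unvalidated; whether that helper rejects non-IP strings is outside this hunk. The method's signature and opening lie before the hunk.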


@ -188,7 +188,6 @@ $lang['search_fragment_o_exact'] = 'exact';
$lang['search_fragment_o_starts_with'] = 'starts with';
$lang['search_fragment_o_ends_with'] = 'ends with';
$lang['search_fragment_o_contains'] = 'contains';
$lang['trustedproxy'] = 'Trust forwarding proxies matching this regular expression about the true client IP they report. The default matches local networks. Leave empty to trust no proxy.';
$lang['_feature_flags'] = 'Feature Flags';
$lang['defer_js'] = 'Defer javascript to be execute after the page\'s HTML has been parsed. Improves perceived page speed but could break a small number of plugins.';
@ -197,6 +196,8 @@ $lang['hidewarnings'] = 'Do not display any warnings issued by PHP. This may eas
/* Network Options */
$lang['dnslookups'] = 'DokuWiki will lookup hostnames for remote IP addresses of users editing pages. If you have a slow or non working DNS server or don\'t want this feature, disable this option';
$lang['jquerycdn'] = 'Should the jQuery and jQuery UI script files be loaded from a CDN? This adds additional HTTP requests, but files may load faster and users may have them cached already.';
$lang['trustedproxies'] = 'Comma-separated list of trusted proxy servers from which to read the X-Forwarded-For header. Each item in the array may be either an IPv4 or IPv6 address, or an IPv4 or IPv6 CIDR range (e.g. 10.0.0.0/8). Leave empty to trust no proxy.';
$lang['realip'] = 'Trust the X-Real-IP header. Only enable this if your server writes this header, otherwise it may be spoofed.';
/* jQuery CDN options */
$lang['jquerycdn_o_0'] = 'No CDN, local delivery only';


@ -247,7 +247,6 @@ $meta['renderer_xhtml'] = ['renderer', '_format' => 'xhtml', '_choices' => ['xht
$meta['readdircache'] = ['numeric'];
$meta['search_nslimit'] = ['numeric', '_min' => 0];
$meta['search_fragment'] = ['multichoice', '_choices' => ['exact', 'starts_with', 'ends_with', 'contains']];
$meta['trustedproxy'] = ['regex'];
$meta['_feature_flags'] = ['fieldset'];
$meta['defer_js'] = ['onoff'];
@ -256,6 +255,8 @@ $meta['hidewarnings'] = ['onoff'];
$meta['_network'] = ['fieldset'];
$meta['dnslookups'] = ['onoff'];
$meta['jquerycdn'] = ['multichoice', '_choices' => [0, 'jquery', 'cdnjs']];
$meta['trustedproxies'] = ['array', '_caution' => 'security'];
$meta['realip'] = ['onoff', '_caution' => 'security'];
$meta['proxy____host'] = ['string', '_pattern' => '#^(|[a-z0-9\-\.+]+)$#i'];
$meta['proxy____port'] = ['numericopt'];
$meta['proxy____user'] = ['string'];
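Review bot: `$meta['trustedproxies'] = ['array', '_caution' => 'security'];` loses the input validation the old `regex` type provided: any string an administrator types becomes an entry that is later matched against connecting proxies. If the config manager's array setting honours a per-item `_pattern` (the neighbouring `proxy____host` uses one on a string setting), constraining entries to an IP or CIDR shape — e.g. `['array', '_caution' => 'security', '_pattern' => '#^[0-9a-f.:]+(/[0-9]{1,3})?$#i']`, a constructed pattern to be tightened — would surface typos at save time instead of at request time. Keeping `_caution => 'security'` is right, since an over-broad entry lets a client choose its own reported address via X-Forwarded-For.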