1<?php 2 3class common_clientIP_test extends DokuWikiTest { 4 5 function setup(){ 6 parent::setup(); 7 8 global $conf; 9 $conf['trustedproxy'] = '^(::1|[fF][eE]80:|127\.|10\.|192\.168\.|172\.((1[6-9])|(2[0-9])|(3[0-1]))\.)'; 10 } 11 12 function test_simple_all(){ 13 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 14 $_SERVER['HTTP_X_REAL_IP'] = ''; 15 $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 16 $out = '123.123.123.123'; 17 $this->assertEquals($out, clientIP()); 18 } 19 20 function test_proxy1_all(){ 21 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 22 $_SERVER['HTTP_X_REAL_IP'] = '77.77.77.77'; 23 $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 24 $out = '123.123.123.123,77.77.77.77'; 25 $this->assertEquals($out, clientIP()); 26 } 27 28 function test_proxy2_all(){ 29 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 30 $_SERVER['HTTP_X_REAL_IP'] = ''; 31 $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77'; 32 $out = '123.123.123.123,77.77.77.77'; 33 $this->assertEquals($out, clientIP()); 34 } 35 36 function test_proxyhops_all(){ 37 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 38 $_SERVER['HTTP_X_REAL_IP'] = ''; 39 $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77,66.66.66.66'; 40 $out = '123.123.123.123,77.77.77.77,66.66.66.66'; 41 $this->assertEquals($out, clientIP()); 42 } 43 44 function test_simple_single(){ 45 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 46 $_SERVER['HTTP_X_REAL_IP'] = ''; 47 $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 48 $out = '123.123.123.123'; 49 $this->assertEquals($out, clientIP(true)); 50 } 51 52 function test_proxy1_single(){ 53 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 54 $_SERVER['HTTP_X_REAL_IP'] = '77.77.77.77'; 55 $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 56 $out = '123.123.123.123'; 57 $this->assertEquals($out, clientIP(true)); 58 } 59 60 function test_proxy2_single(){ 61 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 62 $_SERVER['HTTP_X_REAL_IP'] = ''; 63 $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77'; 64 $out = '123.123.123.123'; 65 $this->assertEquals($out, clientIP(true)); 66 } 67 68 function test_proxyhops_single(){ 69 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 70 $_SERVER['HTTP_X_REAL_IP'] = ''; 71 $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77,66.66.66.66'; 72 $out = '123.123.123.123'; 73 $this->assertEquals($out, clientIP(true)); 74 } 75 76 function test_proxy1_local_single(){ 77 $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 78 $_SERVER['HTTP_X_REAL_IP'] = '77.77.77.77'; 79 $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 80 $out = '77.77.77.77'; 81 $this->assertEquals($out, clientIP(true)); 82 } 83 84 function test_proxy2_local_single(){ 85 $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 86 $_SERVER['HTTP_X_REAL_IP'] = ''; 87 $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77'; 88 $out = '77.77.77.77'; 89 $this->assertEquals($out, clientIP(true)); 90 } 91 92 function test_proxyhops1_local_single(){ 93 $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 94 $_SERVER['HTTP_X_REAL_IP'] = ''; 95 $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77,66.66.66.66'; 96 $out = '77.77.77.77'; 97 $this->assertEquals($out, clientIP(true)); 98 } 99 100 function test_proxyhops2_local_single(){ 101 $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 102 $_SERVER['HTTP_X_REAL_IP'] = ''; 103 $_SERVER['HTTP_X_FORWARDED_FOR'] = '10.0.0.1,66.66.66.66'; 104 $out = '66.66.66.66'; 105 $this->assertEquals($out, clientIP(true)); 106 } 107 108 function test_local_all(){ 109 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 110 $_SERVER['HTTP_X_REAL_IP'] = ''; 111 $_SERVER['HTTP_X_FORWARDED_FOR'] = '127.0.0.1'; 112 $out = '123.123.123.123,127.0.0.1'; 113 $this->assertEquals($out, clientIP()); 114 } 115 116 function test_local1_single(){ 117 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 118 $_SERVER['HTTP_X_REAL_IP'] = ''; 119 $_SERVER['HTTP_X_FORWARDED_FOR'] = '127.0.0.1'; 120 $out = '123.123.123.123'; 121 $this->assertEquals($out, clientIP(true)); 122 } 123 124 function test_local2_single(){ 125 $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 126 $_SERVER['HTTP_X_REAL_IP'] = ''; 127 $_SERVER['HTTP_X_FORWARDED_FOR'] = '123.123.123.123'; 128 $out = '123.123.123.123'; 129 $this->assertEquals($out, clientIP(true)); 130 } 131 132 function test_local3_single(){ 133 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 134 $_SERVER['HTTP_X_REAL_IP'] = ''; 135 $_SERVER['HTTP_X_FORWARDED_FOR'] = '127.0.0.1,10.0.0.1,192.168.0.2,172.17.1.1,172.21.1.1,172.31.1.1'; 136 $out = '123.123.123.123'; 137 $this->assertEquals($out, clientIP(true)); 138 } 139 140 function test_local4_single(){ 141 $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 142 $_SERVER['HTTP_X_REAL_IP'] = ''; 143 $_SERVER['HTTP_X_FORWARDED_FOR'] = '192.168.0.5'; 144 $out = '192.168.0.5'; 145 $this->assertEquals($out, clientIP(true)); 146 } 147 148 function test_garbage_all(){ 149 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 150 $_SERVER['HTTP_X_REAL_IP'] = ''; 151 $_SERVER['HTTP_X_FORWARDED_FOR'] = 'some garbage, or something, 222'; 152 $out = '123.123.123.123'; 153 $this->assertEquals($out, clientIP()); 154 } 155 156 function test_garbage_single(){ 157 $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 158 $_SERVER['HTTP_X_REAL_IP'] = ''; 159 $_SERVER['HTTP_X_FORWARDED_FOR'] = 'some garbage, or something, 222'; 160 $out = '123.123.123.123'; 161 $this->assertEquals($out, clientIP(true)); 162 } 163 164 function test_garbageonly_all(){ 165 $_SERVER['REMOTE_ADDR'] = 'argh'; 166 $_SERVER['HTTP_X_REAL_IP'] = ''; 167 $_SERVER['HTTP_X_FORWARDED_FOR'] = 'some garbage, or something, 222'; 168 $out = '0.0.0.0'; 169 $this->assertEquals($out, clientIP()); 170 } 171 172 function test_garbageonly_single(){ 173 $_SERVER['REMOTE_ADDR'] = 'argh'; 174 $_SERVER['HTTP_X_REAL_IP'] = ''; 175 $_SERVER['HTTP_X_FORWARDED_FOR'] = 'some garbage, or something, 222'; 176 $out = '0.0.0.0'; 177 $this->assertEquals($out, clientIP(true)); 178 } 179 180 function test_malicious(){ 181 $_SERVER['REMOTE_ADDR'] = ''; 182 $_SERVER['HTTP_X_REAL_IP'] = ''; 183 $_SERVER['HTTP_X_FORWARDED_FOR'] = '<?php set_time_limit(0);echo \'my_delim\';passthru(123.123.123.123);die;?>'; 184 $out = '0.0.0.0'; 185 $this->assertEquals($out, clientIP()); 186 } 187 188 function test_malicious_with_remote_addr(){ 189 $_SERVER['REMOTE_ADDR'] = '8.8.8.8'; 190 $_SERVER['HTTP_X_REAL_IP'] = ''; 191 $_SERVER['HTTP_X_FORWARDED_FOR'] = '<?php set_time_limit(0);echo \'my_delim\';passthru(\',123.123.123.123,\');die;?>'; 192 $out = '8.8.8.8'; 193 $this->assertEquals($out, clientIP(true)); 194 } 195 196 function test_proxied_malicious_with_remote_addr(){ 197 $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 198 $_SERVER['HTTP_X_REAL_IP'] = ''; 199 $_SERVER['HTTP_X_FORWARDED_FOR'] = '8.8.8.8,<?php set_time_limit(0);echo \'my_delim\';passthru(\',123.123.123.123,\');die;?>'; 200 $out = '127.0.0.1,8.8.8.8,123.123.123.123'; 201 $this->assertEquals($out, clientIP()); 202 } 203 204} 205 206//Setup VIM: ex: et ts=4 : 207