/** * Matches a \Neos\Flow\Mvc\RequestInterface against the set IP pattern rules * * @param RequestInterface $request The request that should be matched * @return boolean TRUE if the pattern matched, FALSE otherwise * @throws InvalidRequestPatternException */ public function matchRequest(RequestInterface $request) { if (!isset($this->options['cidrPattern'])) { throw new InvalidRequestPatternException('Missing option "cidrPattern" in the Ip request pattern configuration', 1446224520); } if (!$request instanceof ActionRequest) { return false; } return (bool) IpUtility::cidrMatch($request->getHttpRequest()->getClientIpAddress(), $this->options['cidrPattern']); }
/** * Check if the given IP address is from a trusted proxy. * * @param string $ipAddress * @return bool */ protected function ipIsTrustedProxy($ipAddress) { if (filter_var($ipAddress, FILTER_VALIDATE_IP) === false) { return false; } if ($this->settings['proxies'] === '*') { return true; } foreach ($this->settings['proxies'] as $ipPattern) { if (IpUtility::cidrMatch($ipAddress, $ipPattern)) { return true; } } return false; }
/** * @dataProvider validAndInvalidIpPatterns * @test */ public function cidrMatchCorrectlyMatchesIpRanges($range, $ip, $expected) { $this->assertEquals($expected, Ip::cidrMatch($ip, $range)); }