GitLab

There are times where CiviCRM likes to know who it's talking to, i.e. the ip address of the visitor.

This matters especially when it gets passed on to a payment processor (e.g. for the purposes of mitigating card tumbling).

Here's the utility function that does that for several core-shipped payment processors: https://github.com/civicrm/civicrm-core/blob/b599743f3daa46ab96c09ebe410fbb833cdd080f/CRM/Utils/System.php#L1293

This code is fairly naive, but notably makes use of the fact that Drupal 7 (and earlier) that had a function "ip_address()" that would pay attention to the Drupal configuration to be able to deal with front end proxies.

Unfortunately, D8/9 no longer includes this function, but more importantly, it also fails for other CMSs.

In researching this issue, I noticed that D8/9 now uses a core symphony function, which might provide a better solution than using our current CMS-specific approach.

Specifically, in Drupal, you can reliably get the 'client' ip with this: return Drupal::request()->getClientIp();

Assuming civicrm has a container similar to Drupal, a similar solution might be available for CiviCRM.

It's reasonable to ask whether ipAddress should be changed in this way - here's a search showing where this function gets called:

https://github.com/civicrm/civicrm-core/search?q=ipAddress