Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • C CiviCRM Core
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 1,372
    • Issues 1,372
    • List
    • Boards
    • Service Desk
    • Milestones
  • Deployments
    • Deployments
    • Releases
  • Wiki
    • Wiki
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • Development
  • CiviCRM Core
  • Issues
  • #2854

Closed
Open
Created Sep 22, 2021 by AlanDixon@AlanDixon

ipAddress function and front-end proxies (like Varnish)

There are times where CiviCRM likes to know who it's talking to, i.e. the ip address of the visitor.

This matters especially when it gets passed on to a payment processor (e.g. for the purposes of mitigating card tumbling).

Here's the utility function that does that for several core-shipped payment processors: https://github.com/civicrm/civicrm-core/blob/b599743f3daa46ab96c09ebe410fbb833cdd080f/CRM/Utils/System.php#L1293

This code is fairly naive, but notably makes use of the fact that Drupal 7 (and earlier) that had a function "ip_address()" that would pay attention to the Drupal configuration to be able to deal with front end proxies.

Unfortunately, D8/9 no longer includes this function, but more importantly, it also fails for other CMSs.

In researching this issue, I noticed that D8/9 now uses a core symphony function, which might provide a better solution than using our current CMS-specific approach.

Specifically, in Drupal, you can reliably get the 'client' ip with this: return Drupal::request()->getClientIp();

Assuming civicrm has a container similar to Drupal, a similar solution might be available for CiviCRM.

It's reasonable to ask whether ipAddress should be changed in this way - here's a search showing where this function gets called:

https://github.com/civicrm/civicrm-core/search?q=ipAddress

Edited Sep 22, 2021 by AlanDixon
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking