Extension:TrustedXFF/pl

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page Extension:TrustedXFF and the translation is 7% complete.
Other languages:
English • ‎español • ‎polski • ‎日本語
Podręcznik rozszerzeń MediaWiki
OOjs UI icon advanced.svg
TrustedXFF
Status wydania: stabilne
Opis Handling of trusted proxy addresses (XFF)
Autor(zy) Tim Starlingtalk
Ostatnia wersja 1.1.0
Licencja Any OSI approved license
Pobieranie
Przykład mediawiki.org
Przetłumacz rozszerzenie TrustedXFF jeżeli jest dostępne na translatewiki.net
Sprawdź wykorzystywanie i matrycę wersji.
Problemy Otwarte zadania · Zgłoś błąd

The TrustedXFF extension maintains a list of trusted hosts in a file in CDB format. For details, see meta:XFF project.

The file can be generated using the generate.php maintenance script.

Instalacja

Ensure the files are in the correct location:

  • You are in the base directory for your wiki
  • ./LocalSettings.php is in that directory
  • ./trusted-hosts.txt is in that directory
  • ./maintenance/ is directly under it, as is a writeable ./cache/ directory
  • ./extensions/TrustedXFF/ is one level further

These most likely need to be actual files, not merely symlinks pointing somewhere else, as the code uses __DIR__ and relative paths.

Insert in LocalSettings.php :

require_once('$IP/extensions/TrustedXFF/TrustedXFF.php');

Remain in the base directory; run generate.php using:

php extensions/TrustedXFF/generate.php --conf LocalSettings.php

At this point, there should be an output file created at ./cache/trusted-xff.cdb

If this exists, and Special:Version reports the extension as installed, it should be good to go. If you have more than one wiki, be sure to copy the output file to the ./cache/ directory for each of your MediaWiki installations.

Limitations

  • The extension will not whitelist large ranges, such as an /18 (or wider). The list will compile with warnings and the large range will be ignored. This is an issue for services like CloudFlare that occupy multiple, huge chunks of IPv4 space.
  • The extension will not accept IPv6 ranges in trusted-hosts.txt. There are a few such ranges hard-coded into TrustedXFF.body.php, but adding more addresses requires editing the code directly.
  • Useless where X-Forwarded-For is unavailable. As of 2019, many wikis force HTTPs for all things. Any manipulation with headers on a proxy compromises HTTPs server authentication unless the proxy possesses an SSL certificate authoritative for the wiki in question. It makes the extension far less useful nowadays than it was originally envisaged.

Zobacz też