All of those headers can be manipulated
On Tuesday, June 9, 2015 at 3:21:06 PM UTC+2, ura.beta.momo@gmail.com wrote:
-- On Tuesday, June 9, 2015 at 3:21:06 PM UTC+2, ura.beta.momo@gmail.com wrote:
Why does CakeRequest::clientIp() not have option for only read REMOTE_ADDR?If user manipulate HTTP_CLIENT_IP or HTTP_CLIENTADDRESS header, CakeRequest::clientIp() returns manipulated IP.
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment