v3.5.1 #143
v3.5.1 #143
Conversation
…rue if setup is behind a trusted proxy
added getRealIp to util, added config setting trustUpstream, set to. Thanks @GunnarLieb!
There was a problem hiding this comment.
Pull Request Overview
This is a version bump to v3.5.1 with infrastructure updates and security improvements. The changes primarily focus on modernizing CI/CD configurations, adding Adobe 2025 support, and implementing real IP detection for better proxy/load balancer handling.
- Updated CI/CD matrix to support newer CFML engines including Adobe 2025
- Added getRealIP utility function for improved client IP detection through proxies
- Fixed date formatting issues for better cross-platform compatibility
Reviewed Changes
Copilot reviewed 9 out of 11 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| [email protected] | Fixed Lucee engine version specification |
| [email protected] | Added new server configuration for Adobe 2025 support |
| models/util/Util.cfc | Added getRealIP function for proxy-aware IP detection |
| models/logging/LogstashAppender.cfc | Updated to use new getRealIP utility |
| models/logging/AppenderService.cfc | Updated IP detection and fixed array mapping syntax |
| models/cache/Provider.cfc | Standardized date format to ISO 8601 |
| changelog.md | Updated changelog formatting |
| ModuleConfig.cfc | Added trustUpstream configuration option |
| .github/workflows/tests.yml | Updated CI matrix with newer engines and Java versions |
| * @trustUpstream If true, we check the forwarded headers first, else we don't | ||
| */ | ||
| string function getRealIP( boolean trustUpstream = configStruct.trustUpstream ){ | ||
| // When going through a proxy, the IP can be a delimtied list, thus we take the last one in the list |
There was a problem hiding this comment.
There is a spelling error: 'delimtied' should be 'delimited'.
| // When going through a proxy, the IP can be a delimtied list, thus we take the last one in the list | |
| // When going through a proxy, the IP can be a delimited list, thus we take the last one in the list |
| */ | ||
| string function getRealIP( boolean trustUpstream = configStruct.trustUpstream ){ | ||
| // When going through a proxy, the IP can be a delimtied list, thus we take the last one in the list | ||
| if ( arguments.trustUpstream ) { |
There was a problem hiding this comment.
The comment on line 213 mentions taking the 'last one' from a delimited list, but the code uses listFirst() for X-Forwarded-For header on line 220. This inconsistency could lead to incorrect IP extraction - X-Forwarded-For typically contains the original client IP as the first entry.
ModuleConfig.cfc
Outdated
| // used by util:getRealIp, trustUpstream If true, we check the forwarded headers first, else we don't | ||
| trustUpstream : false |
There was a problem hiding this comment.
[nitpick] The comment should be formatted as a proper docstring comment. The current inline comment format is inconsistent with other configuration properties and doesn't follow standard documentation patterns.
| // used by util:getRealIp, trustUpstream If true, we check the forwarded headers first, else we don't | |
| trustUpstream : false | |
| // Whether to trust upstream headers when determining the real IP address. | |
| // If true, forwarded headers are checked first; otherwise, they are ignored. | |
| trustUpstream : false |
lucee@5 Test Results 1 files 17 suites 51s ⏱️ For more details on these errors, see this check. Results for commit 0af88f8. ♻️ This comment has been updated with latest results. |
boxlang@be Test Results255 tests 255 ✅ 1m 3s ⏱️ Results for commit e5c25a9. ♻️ This comment has been updated with latest results. |
adobe@2025 Test Results255 tests 255 ✅ 1m 4s ⏱️ Results for commit edd0805. |
adobe@2025 Test Results0 tests 0 ✅ 0s ⏱️ Results for commit 0af88f8. ♻️ This comment has been updated with latest results. |
adobe@2023 Test Results255 tests 255 ✅ 1m 3s ⏱️ Results for commit bf8e947. ♻️ This comment has been updated with latest results. |
boxlang@1 Test Results255 tests 255 ✅ 1m 0s ⏱️ Results for commit edd0805. |
boxlang@1 Test Results255 tests 255 ✅ 1m 2s ⏱️ Results for commit bf8e947. ♻️ This comment has been updated with latest results. |
adobe@2021 Test Results0 tests 0 ✅ 0s ⏱️ Results for commit 0af88f8. ♻️ This comment has been updated with latest results. |
lucee@6 Test Results255 tests 255 ✅ 50m 53s ⏱️ Results for commit e5c25a9. ♻️ This comment has been updated with latest results. |
Co-authored-by: jclausen <[email protected]>
Co-authored-by: jclausen <[email protected]>
Co-authored-by: jclausen <[email protected]>
Add comprehensive GitHub Copilot development instructions
No description provided.