Tony Sidaway wrote:
On 10/17/05, David Gerard <dgerard at gmail.com> wrote:
Note that the NTL problem has been solved (presumably through some horribly ugly special cases in the MediaWiki code) -
My understanding is that NTL passes the client IP via a standard protocol and MediaWiki simply interprets it in the standard manner. The only place where it gets hairy is that, as I understand it, some anonymizing proxies also use this protocol and forward a spoofed IP, so you do need to maintain a list of proxies that can be trusted.
Semi-standard - it uses an X-Forwarded-From header and sometimes it reverses the order of the octets (for no good reason).
That said, I just spotted a MARMOT sock (User:Captain Kreuk and a few others) with his IP showing as the NTL proxy address, not his actual address. Bother.
(cc'd to wikitech-l - is this a reportable bug, or hadn't the NTL-checking code kicked in at that point?)
- d.