FIX: Parsing client IPv6 address when a proxy is involved (#457)

2026-03-16 22:20:26 +00:00 · 2022-11-22 10:44:59 +03:00 · 2022-11-22 10:44:59 +03:00 · 4cdc756791
commit 4cdc756791
parent e23b091c99
3 changed files with 22 additions and 6 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,7 +1,11 @@
 # Changes

+## Next Release
+
 #### Fixes
+
 - fix: Make log entries read-only in the admin. ([#449](https://github.com/jazzband/django-auditlog/pull/449))
+- fix: Handle IPv6 addresses in `X-Forwarded-For`. ([#457](https://github.com/jazzband/django-auditlog/pull/457))

 ## 2.2.0 (2022-10-07)

--- a/auditlog/middleware.py
+++ b/auditlog/middleware.py
@ -14,14 +14,21 @@ class AuditlogMiddleware:

    @staticmethod
    def _get_remote_addr(request):
-        if request.headers.get("X-Forwarded-For"):
-            # In case of proxy, set 'original' address
-            remote_addr = request.headers.get("X-Forwarded-For").split(",")[0]
-            # Remove port number from remote_addr
-            return remote_addr.split(":")[0]
-        else:
+        # In case there is no proxy, return the original address
+        if not request.headers.get("X-Forwarded-For"):
            return request.META.get("REMOTE_ADDR")

+        # In case of proxy, set 'original' address
+        remote_addr: str = request.headers.get("X-Forwarded-For").split(",")[0]
+
+        # Remove port number from remote_addr
+        if "." in remote_addr and ":" in remote_addr:  # IPv4 with port (`x.x.x.x:x`)
+            remote_addr = remote_addr.split(":")[0]
+        elif "[" in remote_addr:  # IPv6 with port (`[:::]:x`)
+            remote_addr = remote_addr[1:].split("]")[0]
+
+        return remote_addr
+
    def __call__(self, request):
        remote_addr = self._get_remote_addr(request)

--- a/auditlog_tests/tests.py
+++ b/auditlog_tests/tests.py
@ -450,6 +450,11 @@ class MiddlewareTest(TestCase):
            ({}, "127.0.0.1"),
            ({"HTTP_X_FORWARDED_FOR": "127.0.0.2"}, "127.0.0.2"),
            ({"HTTP_X_FORWARDED_FOR": "127.0.0.3:1234"}, "127.0.0.3"),
+            ({"HTTP_X_FORWARDED_FOR": "2606:4700:4700::1111"}, "2606:4700:4700::1111"),
+            (
+                {"HTTP_X_FORWARDED_FOR": "[2606:4700:4700::1001]:1234"},
+                "2606:4700:4700::1001",
+            ),
        ]
        for headers, expected_remote_addr in tests:
            with self.subTest(headers=headers):