rename trustedproxy option to trustedproxies

We use a new format (array instead of regex) and need a sure way to
recognize it. Zebra's approach would not have survived the editing via
config manager.
As a side effect this also introduces a new languange string, which is
good because the old one did no longer apply.

Author: splitbrain

conf/dokuwiki.php

@@ -162,21 +162,22 @@
 $conf['search_nslimit'] = 0;             //limit the search to the current X namespaces
 $conf['search_fragment'] = 'exact';      //specify the default fragment search behavior
 
-$conf['trustedproxy'] = ['::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'];
+/* Feature Flags */
+$conf['defer_js'] = 1;                   // Defer javascript to be executed after the page's HTML has been parsed. Setting will be removed in the next release.
+$conf['hidewarnings'] = 0;               // Hide warnings
+
+/* Network Settings */
+$conf['dnslookups'] = 1;                 //disable to disallow IP to hostname lookups
+$conf['jquerycdn']  = 0;                 //use a CDN for delivering jQuery?
+$conf['trustedproxies'] = array('::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16');
                                          // Trusted proxy servers from which to read the X-Forwarded-For header.
                                          // Each item in the array may be either an IPv4 or IPv6 address, or
                                          // an IPv4 or IPv6 CIDR range (e.g. 10.0.0.0/8).
 
 $conf['realip'] = false;                 // Enable reading the X-Real-IP header.  Default: false.
                                          // Only enable this if your server writes this header, otherwise it may be spoofed.
 
-/* Feature Flags */
-$conf['defer_js'] = 1;                   // Defer javascript to be executed after the page's HTML has been parsed. Setting will be removed in the next release.
-$conf['hidewarnings'] = 0;               // Hide warnings
 
-/* Network Settings */
-$conf['dnslookups'] = 1;                 //disable to disallow IP to hostname lookups
-$conf['jquerycdn']  = 0;                 //use a CDN for delivering jQuery?
 // Proxy setup - if your Server needs a proxy to access the web set these
 $conf['proxy']['host']    = '';
 $conf['proxy']['port']    = '';

inc/Ip.php

@@ -136,7 +136,7 @@ public static function ipMatches(string $ip, string $ipOrRange): bool
      * Given the IP address of a proxy server, determine whether it is
      * a known and trusted server.
      *
-     * This test is performed using the config value `trustedproxy`.
+     * This test is performed using the config value `trustedproxies`.
      *
      * @param string $ip The IP address of the proxy.
      *
@@ -147,25 +147,17 @@ public static function proxyIsTrusted(string $ip): bool
         global $conf;
 
         // If the configuration is empty then no proxies are trusted.
-        if (empty($conf['trustedproxy'])) {
+        if (empty($conf['trustedproxies'])) {
             return false;
         }
 
-        if (is_string($conf['trustedproxy'])) {
-            // If the configuration is a string then treat it as a regex.
-            return preg_match('/' . $conf['trustedproxy'] . '/', $ip);
-        } elseif (is_array($conf['trustedproxy'])) {
-            // If the configuration is an array, then at least one must match.
-            foreach ($conf['trustedproxy'] as $trusted) {
-                if (Ip::ipMatches($ip, $trusted)) {
-                    return true;
-                }
+        foreach ((array) $conf['trustedproxies'] as $trusted) {
+            if (Ip::ipMatches($ip, $trusted)) {
+                return true;
             }
-
-            return false;
         }
 
-        Logger::error('Invalid value for $conf[trustedproxy]');
+        Logger::error('Invalid value for $conf[trustedproxies]');
         return false;
     }
 
@@ -251,7 +243,7 @@ public static function clientIp(): string
      * The IPs are sourced from, in order of preference:
      *
      *   - The X-Real-IP header if $conf[realip] is true.
-     *   - The X-Forwarded-For header if all the proxies are trusted by $conf[trustedproxy].
+     *   - The X-Forwarded-For header if all the proxies are trusted by $conf[trustedproxies].
      *   - The TCP/IP connection remote address.
      *   - 0.0.0.0 if all else fails.
      *

lib/plugins/config/lang/en/lang.php

@@ -188,7 +188,6 @@
 $lang['search_fragment_o_starts_with'] = 'starts with';
 $lang['search_fragment_o_ends_with'] = 'ends with';
 $lang['search_fragment_o_contains'] = 'contains';
-$lang['trustedproxy'] = 'Trust forwarding proxies matching this regular expression about the true client IP they report. The default matches local networks. Leave empty to trust no proxy.';
 
 $lang['_feature_flags'] = 'Feature Flags';
 $lang['defer_js'] = 'Defer javascript to be execute after the page\'s HTML has been parsed. Improves perceived page speed but could break a small number of plugins.';
@@ -197,6 +196,8 @@
 /* Network Options */
 $lang['dnslookups'] = 'DokuWiki will lookup hostnames for remote IP addresses of users editing pages. If you have a slow or non working DNS server or don\'t want this feature, disable this option';
 $lang['jquerycdn'] = 'Should the jQuery and jQuery UI script files be loaded from a CDN? This adds additional HTTP requests, but files may load faster and users may have them cached already.';
+$lang['trustedproxies'] = 'Comma-separated list of trusted proxy servers from which to read the X-Forwarded-For header. Each item in the array may be either an IPv4 or IPv6 address, or an IPv4 or IPv6 CIDR range (e.g. 10.0.0.0/8). Leave empty to trust no proxy.';
+$lang['realip'] = 'Trust the X-Real-IP header. Only enable this if your server writes this header, otherwise it may be spoofed.';
 
 /* jQuery CDN options */
 $lang['jquerycdn_o_0'] = 'No CDN, local delivery only';

lib/plugins/config/settings/config.metadata.php

@@ -247,7 +247,6 @@
 $meta['readdircache'] = ['numeric'];
 $meta['search_nslimit'] = ['numeric', '_min' => 0];
 $meta['search_fragment'] = ['multichoice', '_choices' => ['exact', 'starts_with', 'ends_with', 'contains']];
-$meta['trustedproxy'] = ['regex'];
 
 $meta['_feature_flags'] = ['fieldset'];
 $meta['defer_js'] = ['onoff'];
@@ -256,6 +255,8 @@
 $meta['_network'] = ['fieldset'];
 $meta['dnslookups'] = ['onoff'];
 $meta['jquerycdn'] = ['multichoice', '_choices' => [0, 'jquery', 'cdnjs']];
+$meta['trustedproxies'] = ['array', '_caution' => 'security'];
+$meta['realip'] = ['onoff', '_caution' => 'security'];
 $meta['proxy____host'] = ['string', '_pattern' => '#^(|[a-z0-9\-\.+]+)$#i'];
 $meta['proxy____port'] = ['numericopt'];
 $meta['proxy____user'] = ['string'];