diff options
| author | José Padilla | 2015-01-11 10:55:56 -0400 |
|---|---|---|
| committer | José Padilla | 2015-01-11 10:58:08 -0400 |
| commit | d6d08db0dd16f4a4a93b69ecf1c5948f375335b0 (patch) | |
| tree | f6f0648df064d03a6abf7310ed0836148d0069f0 /rest_framework/throttling.py | |
| parent | e9ac1bb78add68635e7f0881c16d2a3ddda2f1b5 (diff) | |
| download | django-rest-framework-d6d08db0dd16f4a4a93b69ecf1c5948f375335b0.tar.bz2 | |
Fix ident format when using HTTP_X_FORWARDED_FOR
If NUM_PROXIES setting is set to None,
HTTP_X_FORWARDED_FOR might be used as is, which
might contain spaces and cause errors on
cache backends like memcached.
Diffstat (limited to 'rest_framework/throttling.py')
| -rw-r--r-- | rest_framework/throttling.py | 8 |
1 files changed, 1 insertions, 7 deletions
diff --git a/rest_framework/throttling.py b/rest_framework/throttling.py index 361dbddf..7dfe2f96 100644 --- a/rest_framework/throttling.py +++ b/rest_framework/throttling.py @@ -35,7 +35,7 @@ class BaseThrottle(object): client_addr = addrs[-min(num_proxies, len(xff))] return client_addr.strip() - return xff if xff else remote_addr + return ''.join(xff.split()) if xff else remote_addr def wait(self): """ @@ -173,12 +173,6 @@ class AnonRateThrottle(SimpleRateThrottle): if request.user.is_authenticated(): return None # Only throttle unauthenticated requests. - ident = request.META.get('HTTP_X_FORWARDED_FOR') - if ident is None: - ident = request.META.get('REMOTE_ADDR') - else: - ident = ''.join(ident.split()) - return self.cache_format % { 'scope': self.scope, 'ident': self.get_ident(request) |