Comments (3)
The purpose of this module is to make the best attempt to find the private or a routable IP address of the client while keeping it DRY, and acknowledging that IP addresses can be spoofed and there is no way to avoid that.
The security of no web-stack should rely on this module and If ipware
is used with the security mindset, then IPWARE_META_PRECEDENCE_ORDER
should be overwritten as per specific setup requirements.
from django-ipware.
The security of no web-stack should rely on this module
Agreed.
I would opt to mention this clearly in the README. The default just works, but no more then unpacking a wifi router and use it without reading instructions.
from django-ipware.
I would appreciate a pull request where a Notice
is added to the README file regarding the security implication of the default behavior. I'll include it in the next release cycle.
from django-ipware.
Related Issues (20)
- Add a notice informing users that ports are not stripped HOT 1
- Update django-ipware to use python-ipware underneath - Help Needed HOT 1
- Tests fail with python-ipware 2.0.4 HOT 2
- 'NoneType' object has no attribute 'META' HOT 3
- proxy_count and proxy_trusted_ips returning None on localhost/ngrok HOT 1
- Release this package with Django 3.2 support HOT 2
- Looking for 1-2 contributors to de-risk the project as it is now used by many projects HOT 5
- setup.py license classifier does not match LICENSE HOT 3
- Precedence order is not regarded when all IPs are not routable HOT 4
- Update the logic to better handle client IP determination for both routable and private HOT 3
- Suggestion - define default settings value HOT 2
- Any IP starting with `::` is treated as private HOT 7
- Feature proposal: get IP address in list of IPs based on `ip_count` HOT 1
- 'NoneType' object has no attribute 'strip' when META['REMOTE_ADDR'] is None HOT 1
- This module treats addresses like 2001:0db8:1234:: as routable HOT 1
- Upgrade django-ipware with enhancements HOT 1
- What is the difference between getting IP from django-ipware versus stream HOT 3
- ipware ignoring precedence order HOT 4
- [Feature Request] Add support for Django 4.2 HOT 1
- Use `python-ipware` underneath
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-ipware.