From 60147e8d1650273f37264e54b287d5bc64a356ad Mon Sep 17 00:00:00 2001
From: Mike Primm <mike@primmhome.com>
Date: Tue, 22 Feb 2022 22:33:33 -0600
Subject: [PATCH] Handle proxy cascades on X-Forwrded-For

---
 .../resources/extracted/web/standalone/MySQL_sendmessage.php   | 3 ++-
 .../extracted/web/standalone/PostgreSQL_sendmessage.php        | 3 ++-
 .../main/resources/extracted/web/standalone/sendmessage.php    | 3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_sendmessage.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_sendmessage.php
index 56335b19..ce0409de 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_sendmessage.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_sendmessage.php
@@ -35,7 +35,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat < time()) {
         }
     }
     if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
-        $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+        $proxy = array_map('trim', explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']));
+        $data->ip = $proxy[0];
     }
     $content = getStandaloneFile('dynmap_webchat.json');
     $gotold = false;
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_sendmessage.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_sendmessage.php
index 1b8e62fd..957c1ee1 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_sendmessage.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_sendmessage.php
@@ -35,7 +35,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat < time()) {
         }
     }
     if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
-        $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+        $proxy = array_map('trim', explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']));
+        $data->ip = $proxy[0];
     }
     $content = getStandaloneFile('dynmap_webchat.json');
     $gotold = false;
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/sendmessage.php b/DynmapCore/src/main/resources/extracted/web/standalone/sendmessage.php
index e3dd65ce..4b02aee3 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/sendmessage.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/sendmessage.php
@@ -35,7 +35,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat < time()) {
         }
     }
     if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
-        $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+        $proxy = array_map('trim', explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']));
+        $data->ip = $proxy[0];
     }
     if (is_readable('dynmap_webchat.json')) {
         $old_messages = json_decode(file_get_contents('dynmap_webchat.json'), true);