You are here

Home » API reference » Authenticated User Page Caching (Authcache) 7.2 » authcache_varnish.module

function authcache_varnish_request_validate in Authenticated User Page Caching (Authcache) 7.2

Ensure that a request came in through the reverse proxy.

Examine the X-Varnish request header and return TRUE if the header is present. Otherwise return FALSE.

12 calls to authcache_varnish_request_validate()
AuthcacheVarnishTestDefaultValidation::testNoValidationIfChecksAreDisabled in modules/authcache_varnish/authcache_varnish.test
Ensure that no validation takes place when both mechanisms are turned off.
AuthcacheVarnishTestDefaultValidation::testRejectIfForwardedForEmpty in modules/authcache_varnish/authcache_varnish.test
Request is not comming through varnish if X-Forwarded-For is empty.
AuthcacheVarnishTestDefaultValidation::testRejectIfReverseProxyOff in modules/authcache_varnish/authcache_varnish.test
Request is not comming through varnish if reverse_proxy variable is off.
AuthcacheVarnishTestDefaultValidation::testRejectPassphraseIfNotIdentical in modules/authcache_varnish/authcache_varnish.test
Request has the wrong X-Authcache-Varnish-Passphrase.
AuthcacheVarnishTestDefaultValidation::testValidateCustomClientIPHeader in modules/authcache_varnish/authcache_varnish.test
Test reverse proxy validation when reverse_proxy_header variable is set.

... See full list

1 string reference to 'authcache_varnish_request_validate'
authcache_varnish_menu in modules/authcache_varnish/authcache_varnish.module
Implements hook_menu().

File

modules/authcache_varnish/authcache_varnish.module, line 30
Authcache cache backend module for varnish.

Code

function authcache_varnish_request_validate() {
  $passphrase = variable_get('authcache_varnish_passphrase');
  if (isset($passphrase)) {
    $passphrase_header = variable_get('authcache_varnish_passphrase_header', 'HTTP_X_AUTHCACHE_VARNISH_PASSPHRASE');
    return isset($_SERVER[$passphrase_header]) && $_SERVER[$passphrase_header] === $passphrase;
  }
  if (variable_get('authcache_varnish_validate_reverse_proxy_address', TRUE)) {

    // Fail if reverse proxy is not configured in settings.php.
    if (!variable_get('reverse_proxy', 0)) {
      return FALSE;
    }

    // Fail if X-Forwarded-For header is missing or empty.
    $reverse_proxy_header = variable_get('reverse_proxy_header', 'HTTP_X_FORWARDED_FOR');
    if (empty($_SERVER[$reverse_proxy_header])) {
      return FALSE;
    }

    // Fail if the remote address is not among the trusted reverse proxy
    // addresses.
    $reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());

    // @ignore sniffer_semantics_remoteaddress_remoteaddress
    if (empty($reverse_proxy_addresses) || !in_array($_SERVER['REMOTE_ADDR'], $reverse_proxy_addresses)) {
      return FALSE;
    }
  }

  // X-Varnish header not on request.
  $request_key = variable_get('authcache_varnish_header', 'HTTP_X_VARNISH');
  if (!empty($request_key) && !isset($_SERVER[$request_key])) {
    return FALSE;
  }
  return TRUE;
}