%global _empty_manifest_terminate_build 0 Name: python-django-xff Version: 1.3.0 Release: 1 Summary: Django X-Forwarded-For Properly License: MIT License URL: https://github.com/ferrix/xff/ Source0: https://mirrors.nju.edu.cn/pypi/web/packages/4e/0a/66485627f4250133d72e9af83affbe8a410591da6b474fbb7fc425d068d0/django-xff-1.3.0.tar.gz BuildArch: noarch Requires: python3-Django %description The X-Forwarded-For header is used by many reverse proxies to pass the IP addresses of the whole chain of hosts between client and application server. The header looks something like this:: X-Forwarded-For: 54.12.13.14, 192.168.2.0, 192.168.3.1 This translates to:: X-Forwarded-For: client, proxy1[, proxy2[...]] However it is just a header. Most default configurations simply append to the header. It is trivial for a malicious client to deliver a header in the initial request:: X-Forwarded-For: phony, client %package -n python3-django-xff Summary: Django X-Forwarded-For Properly Provides: python-django-xff BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRequires: python3-pip %description -n python3-django-xff The X-Forwarded-For header is used by many reverse proxies to pass the IP addresses of the whole chain of hosts between client and application server. The header looks something like this:: X-Forwarded-For: 54.12.13.14, 192.168.2.0, 192.168.3.1 This translates to:: X-Forwarded-For: client, proxy1[, proxy2[...]] However it is just a header. Most default configurations simply append to the header. It is trivial for a malicious client to deliver a header in the initial request:: X-Forwarded-For: phony, client %package help Summary: Development documents and examples for django-xff Provides: python3-django-xff-doc %description help The X-Forwarded-For header is used by many reverse proxies to pass the IP addresses of the whole chain of hosts between client and application server. The header looks something like this:: X-Forwarded-For: 54.12.13.14, 192.168.2.0, 192.168.3.1 This translates to:: X-Forwarded-For: client, proxy1[, proxy2[...]] However it is just a header. Most default configurations simply append to the header. It is trivial for a malicious client to deliver a header in the initial request:: X-Forwarded-For: phony, client %prep %autosetup -n django-xff-1.3.0 %build %py3_build %install %py3_install install -d -m755 %{buildroot}/%{_pkgdocdir} if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi pushd %{buildroot} if [ -d usr/lib ]; then find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/lib64 ]; then find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/bin ]; then find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/sbin ]; then find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst fi touch doclist.lst if [ -d usr/share/man ]; then find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst fi popd mv %{buildroot}/filelist.lst . mv %{buildroot}/doclist.lst . %files -n python3-django-xff -f filelist.lst %dir %{python3_sitelib}/* %files help -f doclist.lst %{_docdir}/* %changelog * Fri May 05 2023 Python_Bot - 1.3.0-1 - Package Spec generated