From 38431d2e142b7da6a9b48aad203f02a2eff7e6fd Mon Sep 17 00:00:00 2001
From: Markus Heiser <markus.heiser@darmarit.de>
Date: Mon, 29 May 2023 19:46:37 +0200
Subject: [fix] correct determination of the IP for the request

For correct determination of the IP to the request the function
botdetection.get_real_ip() is implemented.  This fonction is used in the
ip_limit and link_token method of the botdetection and it is used in the
self_info plugin.

A documentation about the X-Forwarded-For header has been added.

[1] https://github.com/searxng/searxng/pull/2357#issuecomment-1566211059

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
---
 searx/botdetection/limiter.toml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'searx/botdetection/limiter.toml')

diff --git a/searx/botdetection/limiter.toml b/searx/botdetection/limiter.toml
index 28c4e7589..af797d32c 100644
--- a/searx/botdetection/limiter.toml
+++ b/searx/botdetection/limiter.toml
@@ -1,3 +1,8 @@
 [botdetection.ip_limit]
 
-link_token = false
\ No newline at end of file
+link_token = false
+
+[real_ip]
+
+# Number of values to trust for X-Forwarded-For.
+x_for = 1
-- 
cgit v1.2.3