Pages: 1

#1 2015-03-12 04:34:41

edwinsn
Member
Registered: 2010-07-02
Posts: 1,218

Limiting browser client to local IP

I want to restrict connection from local web browsers only, after some research, I found one solution - overwrite 

THttpServer.Process()

and check 

self.RemoteIp

My question is, it'l be better to handle that in my TMVCApplication-derived class, something like if the client is not 127.0.0.1 nor localhost, redirect to access-not-allowed.html. Is this possible? Thanks.

Update 1:
One more possible solution: Overwrite 

TSQLHttpServer.Request()

But I'm not sure is it possible to get the client IP in this method...

Last edited by edwinsn (2015-03-12 05:38:09)

Delphi XE4 Pro on Windows 7 64bit.
Lazarus trunk built with fpcupdelux on Windows with cross-compile for Linux 64bit.

Offline

#2 2015-03-12 09:01:01

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,662
Website

Re: Limiting browser client to local IP

Yes, overriding the THttpServer.Process method will work for ALL incoming HTTP requests.
Overriding TSQLHttpServer.Request is also possible, and is preferred for any kind of HTTP server implementation.

Ensure that you test for 'localhost', '127.0.0.1' and also '::1' for IP v6.

Offline

Pages: 1

Board footer

Powered by FluxBB