From 7dd0573be4f9db7fa6a408eb9b8d1813dc002939 Mon Sep 17 00:00:00 2001
From: Paul-Christian Volkmer <github@pcvolkmer.de>
Date: Mon, 19 Jun 2017 12:45:02 +0200
Subject: [PATCH] Also block local access using IPv6

---
 src/main/java/de/thm/arsnova/controller/WelcomeController.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/de/thm/arsnova/controller/WelcomeController.java b/src/main/java/de/thm/arsnova/controller/WelcomeController.java
index c036abda8..0a394245c 100644
--- a/src/main/java/de/thm/arsnova/controller/WelcomeController.java
+++ b/src/main/java/de/thm/arsnova/controller/WelcomeController.java
@@ -85,7 +85,7 @@ public class WelcomeController extends AbstractController {
 			final HttpServletRequest request
 		) {
 		/* Block requests from the server itself to prevent DoS attacks caused by request loops */
-		if ("127.0.0.1".equals(request.getRemoteAddr())) {
+		if ("127.0.0.1".equals(request.getRemoteAddr()) || "::1".equals(request.getRemoteAddr())) {
 			throw new BadRequestException("Access to localhost not allowed.");
 		}
 		/* Block requests to servers in private networks */
-- 
GitLab