Don't think it's a hack. We use HTTP_X_FORWARDED_FOR header to get IP if available (allow to get ip behind the proxy) - I guess this dude just use local proxy on his computer.
If you would like to use standard method you can find in Session.pm
Code: Select all
return $ENV{HTTP_X_FORWARDED_FOR} || $ENV{REMOTE_ADDR};
and replace with