Skip to content

Commit

Permalink
Request#remote_ip handles the uncommon case that REMOTE_ADDR is a com…
Browse files Browse the repository at this point in the history 
…ma-separated list.

[#523 state:resolved]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
  • Loading branch information
@michaelklishin @jeremy
michaelklishin authored and jeremy committed Aug 28, 2008
1 parent b23b191 commit e21ed3e
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 3 deletions.
8 changes: 5 additions & 3 deletions actionpack/lib/action_controller/request.rb
View file
Expand Up @@ -135,10 +135,12 @@ def xml_http_request?
# delimited list in the case of multiple chained proxies; the last
# address which is not trusted is the originating IP.
def remote_ip
if TRUSTED_PROXIES !~ @env['REMOTE_ADDR']
return @env['REMOTE_ADDR']
end
remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].split(',').collect(&:strip)

unless remote_addr_list.blank?
not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES}
return not_trusted_addrs.first unless not_trusted_addrs.empty?
end
remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',')

if @env.include? 'HTTP_CLIENT_IP'
Expand Down
3 changes: 3 additions & 0 deletions actionpack/test/controller/request_test.rb
View file
Expand Up @@ -12,6 +12,9 @@ def test_remote_ip
@request.remote_addr = '1.2.3.4'
assert_equal '1.2.3.4', @request.remote_ip

@request.remote_addr = '1.2.3.4,3.4.5.6'
assert_equal '1.2.3.4', @request.remote_ip(true)

@request.env['HTTP_CLIENT_IP'] = '2.3.4.5'
assert_equal '1.2.3.4', @request.remote_ip

Expand Down

0 comments on commit e21ed3e

Please sign in to comment.