Commit e21ed3e45429cf4a7ee4f5b6b550f457f0c4c313 to rails's rails

e21ed3e
all branches
- 1-2-stable
- 2-0-stable
- 2-1-stable
- 2-2-stable
- 2-3-stable
- 3-0-unstable
- HEAD
- master
all tags
- v0.9.1
- v0.9.2
- v0.9.3
- v0.9.4
- v0.9.4.1
- v0.9.5
- v0.10.0
- v0.10.1
- v0.11.0
- v0.11.1
- v0.12.0
- v0.13.0
- v0.13.1
- v0.14.1
- v0.14.2
- v0.14.3
- v0.14.4
- v1.0.0
- v1.1.0
- v1.1.0_RC1
- v1.1.1
- v1.1.2
- v1.1.3
- v1.1.4
- v1.1.5
- v1.1.6
- v1.2.0
- v1.2.0_RC1
- v1.2.0_RC2
- v1.2.1
- v1.2.2
- v1.2.3
- v1.2.4
- v1.2.5
- v1.2.6
- v2.0.0
- v2.0.0_PR
- v2.0.0_RC1
- v2.0.0_RC2
- v2.0.1
- v2.0.2
- v2.0.3
- v2.0.4
- v2.0.5
- v2.1.0
- v2.1.0_RC1
- v2.1.1
- v2.1.2
- v2.2.0
- v2.2.1
- v2.2.2
- v2.3.0
- v2.3.1
- v2.3.2
- v2.3.2.1
comments

rails / rails

668

3817

Description:	Ruby on Rails edit
Homepage:	http://rubyonrails.org edit
Public Clone URL:	git://github.com/rails/rails.git Give this clone URL to anyone. `git clone git://github.com/rails/rails.git`
Your Clone URL:	git@github.com:rails/rails.git Use this clone URL yourself. `git clone git@github.com:rails/rails.git`

Request#remote_ip handles the uncommon case that REMOTE_ADDR is a 
comma-separated list.

[#523 state:resolved]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>

michaelklishin (author)

Tue Jul 01 01:52:20 -0700 2008

jeremy (committer)

Wed Aug 27 23:03:27 -0700 2008

commit e21ed3e45429cf4a7ee4f5b6b550f457f0c4c313
tree 6b70ebc9d1d29a262166545146833d41d5f45651
parent b23b19109050af04e2e1d0f57aee306463f4cbb9

actionpack/lib/action_controller/request.rb
actionpack/test/controller/request_test.rb

actionpack/lib/action_controller/request.rb

0
@@ -135,10 +135,12 @@ module ActionController
0
     # delimited list in the case of multiple chained proxies; the last
0
     # address which is not trusted is the originating IP.
0
     def remote_ip
0
-      if TRUSTED_PROXIES !~ @env['REMOTE_ADDR']
0
-        return @env['REMOTE_ADDR']
0
-      end
0
+      remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].split(',').collect(&:strip)
0
 
0
+      unless remote_addr_list.blank?
0
+        not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES}
0
+        return not_trusted_addrs.first unless not_trusted_addrs.empty?
0
+      end
0
       remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',')
0
 
0
       if @env.include? 'HTTP_CLIENT_IP'

actionpack/test/controller/request_test.rb

0
@@ -12,6 +12,9 @@ class RequestTest < Test::Unit::TestCase
0
     @request.remote_addr = '1.2.3.4'
0
     assert_equal '1.2.3.4', @request.remote_ip
0
 
0
+    @request.remote_addr = '1.2.3.4,3.4.5.6'
0
+    assert_equal '1.2.3.4', @request.remote_ip(true)
0
+
0
     @request.env['HTTP_CLIENT_IP'] = '2.3.4.5'
0
     assert_equal '1.2.3.4', @request.remote_ip
0

Comments