Commit e42a235dd18a39ccc83382365088de96f24fa236 to rails's rails

e42a235
all branches
- 1-2-stable
- 2-0-stable
- 2-1-stable
- 2-2-stable
- 2-3-stable
- 3-0-unstable
- HEAD
- master
all tags
- v0.9.1
- v0.9.2
- v0.9.3
- v0.9.4
- v0.9.4.1
- v0.9.5
- v0.10.0
- v0.10.1
- v0.11.0
- v0.11.1
- v0.12.0
- v0.13.0
- v0.13.1
- v0.14.1
- v0.14.2
- v0.14.3
- v0.14.4
- v1.0.0
- v1.1.0
- v1.1.0_RC1
- v1.1.1
- v1.1.2
- v1.1.3
- v1.1.4
- v1.1.5
- v1.1.6
- v1.2.0
- v1.2.0_RC1
- v1.2.0_RC2
- v1.2.1
- v1.2.2
- v1.2.3
- v1.2.4
- v1.2.5
- v1.2.6
- v2.0.0
- v2.0.0_PR
- v2.0.0_RC1
- v2.0.0_RC2
- v2.0.1
- v2.0.2
- v2.0.3
- v2.0.4
- v2.0.5
- v2.1.0
- v2.1.0_RC1
- v2.1.1
- v2.1.2
- v2.2.0
- v2.2.1
- v2.2.2
- v2.3.0
- v2.3.1
- v2.3.2
- v2.3.2.1
comments

rails / rails

668

3817

Description:	Ruby on Rails edit
Homepage:	http://rubyonrails.org edit
Public Clone URL:	git://github.com/rails/rails.git Give this clone URL to anyone. `git clone git://github.com/rails/rails.git`
Your Clone URL:	git@github.com:rails/rails.git Use this clone URL yourself. `git clone git@github.com:rails/rails.git`

Request#remote_ip handles the uncommon case that REMOTE_ADDR is a 
comma-separated list.

[#523 state:resolved]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>

michaelklishin (author)

Tue Jul 01 01:52:20 -0700 2008

jeremy (committer)

Wed Aug 27 23:03:11 -0700 2008

commit e42a235dd18a39ccc83382365088de96f24fa236
tree b3b2ecd628fa70ab6fbc8ec0649d6b044b2f285d
parent c2068d14d29ec767c681798b3814f0a8e22fb0ff

actionpack/lib/action_controller/request.rb
actionpack/test/controller/request_test.rb

actionpack/lib/action_controller/request.rb 100644 →

0
@@ -197,10 +197,12 @@ module ActionController
0
     # delimited list in the case of multiple chained proxies; the last
0
     # address which is not trusted is the originating IP.
0
     def remote_ip
0
-      if TRUSTED_PROXIES !~ @env['REMOTE_ADDR']
0
-        return @env['REMOTE_ADDR']
0
-      end
0
+      remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].split(',').collect(&:strip)
0
 
0
+      unless remote_addr_list.blank?
0
+        not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES}
0
+        return not_trusted_addrs.first unless not_trusted_addrs.empty?
0
+      end
0
       remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',')
0
 
0
       if @env.include? 'HTTP_CLIENT_IP'

actionpack/test/controller/request_test.rb

0
@@ -17,6 +17,9 @@ class RequestTest < Test::Unit::TestCase
0
     @request.remote_addr = '1.2.3.4'
0
     assert_equal '1.2.3.4', @request.remote_ip(true)
0
 
0
+    @request.remote_addr = '1.2.3.4,3.4.5.6'
0
+    assert_equal '1.2.3.4', @request.remote_ip(true)
0
+
0
     @request.env['HTTP_CLIENT_IP'] = '2.3.4.5'
0
     assert_equal '1.2.3.4', @request.remote_ip(true)
0

Comments