Merge pull request #3623 from indirect/remote_ip

Remote IP fixes/cleanup
commit d37e169856dbe022ce892af2f36d96b2f1f63d8e 2 parents e0efe48 + 9c4532b
@josevalim josevalim authored
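--- a/actionpack/lib/action_dispatch/middleware/remote_ip.rb
+++ b/actionpack/lib/action_dispatch/middleware/remote_ip.rb
@@ -19,7 +19,7 @@ def initialize(app, check_ip_spoofing = true, custom_proxies = nil)
 @app = app
 @check_ip_spoofing = check_ip_spoofing
 if custom_proxies
- custom_regexp = Regexp.new(custom_proxies, "i")
+ custom_regexp = Regexp.new(custom_proxies)
 @trusted_proxies = Regexp.union(TRUSTED_PROXIES, custom_regexp)
 else
 @trusted_proxies = TRUSTED_PROXIES
@@ -51,11 +51,11 @@ def to_s
 if check_ip && !forwarded_ips.include?(client_ip)
 # We don't know which came from the proxy, and which from the user
 raise IpSpoofAttackError, "IP spoofing attack?!" \
- "HTTP_CLIENT_IP=#{env['HTTP_CLIENT_IP'].inspect}" \
- "HTTP_X_FORWARDED_FOR=#{env['HTTP_X_FORWARDED_FOR'].inspect}"
+ "HTTP_CLIENT_IP=#{@env['HTTP_CLIENT_IP'].inspect}" \
+ "HTTP_X_FORWARDED_FOR=#{@env['HTTP_X_FORWARDED_FOR'].inspect}"
 end
- client_ip || forwarded_ips.last || remote_addrs.last
+ client_ip || forwarded_ips.last || remote_addrs.first
 end
 protected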
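Review bot: In `initialize`, `Regexp.new(custom_proxies)` compiles a String argument as an unanchored pattern with unescaped dots, so a value such as `"10.1.2.3"` (constructed example) also matches longer addresses that merely contain it. The result is unioned into `@trusted_proxies`, which presumably decides which forwarded addresses are skipped as proxies, so an over-broad match widens the set of hops whose headers are believed. Either document the contract above the assignment, e.g. `# custom_proxies must match whole addresses: anchor with \A...\z and escape dots`, or escape String input with `custom_proxies.is_a?(Regexp) ? custom_proxies : /\A#{Regexp.escape(custom_proxies)}\z/`. The body of `initialize` continues outside the hunk, so how `@trusted_proxies` is consumed is not visible here.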
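--- a/actionpack/test/dispatch/request_test.rb
+++ b/actionpack/test/dispatch/request_test.rb
@@ -36,7 +36,7 @@ def url_for(options = {})
 request = stub_request 'REMOTE_ADDR' => '1.2.3.4',
 'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
- assert_equal '1.2.3.4', request.remote_ip
+ assert_equal '3.4.5.6', request.remote_ip
 request = stub_request 'REMOTE_ADDR' => '127.0.0.1',
 'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
@@ -106,7 +106,7 @@ def url_for(options = {})
 request = stub_request 'REMOTE_ADDR' => '67.205.106.74,172.16.0.1',
 'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
- assert_equal '67.205.106.74', request.remote_ip
+ assert_equal '3.4.5.6', request.remote_ip
 request = stub_request 'HTTP_X_FORWARDED_FOR' => 'unknown,67.205.106.73'
 assert_equal 'unknown', request.remote_ip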
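Review bot: The new expectation `assert_equal '3.4.5.6', request.remote_ip` for `'REMOTE_ADDR' => '1.2.3.4'` pins that the `X-Forwarded-For` value wins even when the direct peer does not appear to be a trusted proxy, and the second hunk does the same for `'67.205.106.74,172.16.0.1'`. The proxy list is not visible here, but the old expectation and the separate `127.0.0.1` case suggest `1.2.3.4` is an ordinary client address. A client that connects without an intermediary can therefore choose the address the application sees, which matters wherever `remote_ip` feeds rate limiting, audit logs or allow-lists. If this is the intended contract, say so next to the assertion, e.g. `# X-Forwarded-For is honoured even if REMOTE_ADDR is not a trusted proxy; remote_ip is client-controlled unless a front proxy overwrites the header`. Both test methods start and end outside the hunks, so other cases may already cover this.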