Skip to content
This repository
Browse code

Request#trusted_proxy? no longer accepts lines

 * Closes #508
 * Adds some limited coverage. More issues highlighted - incomplete local ips.
  • Loading branch information...
commit 5c8a5b7b935d04741587a08125fe58b8217e554a 1 parent b0e81f6
James Tucker authored February 02, 2013
2  lib/rack/request.rb
@@ -340,7 +340,7 @@ def accept_encoding
340 340
     end
341 341
 
342 342
     def trusted_proxy?(ip)
343  
-      ip =~ /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|^::1$|^fd[0-9a-f]{2}:.+|^localhost$|^unix$|^unix:/i
  343
+      ip =~ /\A127\.0\.0\.1\Z|\A(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|\A::1\Z|\Afd[0-9a-f]{2}:.+|\Alocalhost\Z|\Aunix\Z|\Aunix:/i
344 344
     end
345 345
 
346 346
     def ip
24  test/spec_request.rb
@@ -1010,6 +1010,30 @@
1010 1010
     res.body.should.equal '3.4.5.6'
1011 1011
   end
1012 1012
 
  1013
+  should "regard local addresses as proxies" do
  1014
+    req = Rack::Request.new(Rack::MockRequest.env_for("/"))
  1015
+    req.trusted_proxy?('127.0.0.1').should.equal 0
  1016
+    req.trusted_proxy?('10.0.0.1').should.equal 0
  1017
+    req.trusted_proxy?('172.16.0.1').should.equal 0
  1018
+    req.trusted_proxy?('172.20.0.1').should.equal 0
  1019
+    req.trusted_proxy?('172.30.0.1').should.equal 0
  1020
+    req.trusted_proxy?('172.31.0.1').should.equal 0
  1021
+    req.trusted_proxy?('192.168.0.1').should.equal 0
  1022
+    req.trusted_proxy?('::1').should.equal 0
  1023
+    req.trusted_proxy?('fd00::').should.equal 0
  1024
+    req.trusted_proxy?('localhost').should.equal 0
  1025
+    req.trusted_proxy?('unix').should.equal 0
  1026
+    req.trusted_proxy?('unix:/tmp/sock').should.equal 0
  1027
+
  1028
+    req.trusted_proxy?("unix.example.org").should.equal nil
  1029
+    req.trusted_proxy?("example.org\n127.0.0.1").should.equal nil
  1030
+    req.trusted_proxy?("127.0.0.1\nexample.org").should.equal nil
  1031
+    req.trusted_proxy?("11.0.0.1").should.equal nil
  1032
+    req.trusted_proxy?("172.15.0.1").should.equal nil
  1033
+    req.trusted_proxy?("172.32.0.1").should.equal nil
  1034
+    req.trusted_proxy?("2001:470:1f0b:18f8::1").should.equal nil
  1035
+  end
  1036
+
1013 1037
   class MyRequest < Rack::Request
1014 1038
     def params
1015 1039
       {:foo => "bar"}

0 notes on commit 5c8a5b7

Please sign in to comment.
Something went wrong with that request. Please try again.