
Request#trusted_proxy? no longer accepts lines

 * Closes #508
 * Adds some limited coverage. More issues highlighted - incomplete local ips.
commit 5c8a5b7b935d04741587a08125fe58b8217e554a 1 parent b0e81f6
@raggi raggi authored
Showing with 25 additions and 1 deletion.
  1. +1 −1  lib/rack/request.rb
  2. +24 −0 test/spec_request.rb
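--- a/lib/rack/request.rb
+++ b/lib/rack/request.rb
@@ -340,7 +340,7 @@ def accept_encoding
 end
 def trusted_proxy?(ip)
- ip =~ /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|^::1$|^fd[0-9a-f]{2}:.+|^localhost$|^unix$|^unix:/i
+ ip =~ /\A127\.0\.0\.1\Z|\A(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|\A::1\Z|\Afd[0-9a-f]{2}:.+|\Alocalhost\Z|\Aunix\Z|\Aunix:/i
 end
 def ip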
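Review bot: The pattern on the `+` line still accepts some multi-line and non-address input. `\Z` matches before a trailing newline, so `"127.0.0.1\n"` returns 0, and the prefix branches (`\A(10|172\.…|192\.168)\.`, `\Afd[0-9a-f]{2}:.+`, `\Aunix:`) have no end anchor, so `"10.0.0.1\nexample.org"` and `"10.example.org"` are also reported as trusted. Use `\z` in place of `\Z`, and anchor the prefix branches to a complete address (or parse the value with `IPAddr` and compare it against the private ranges) so a string cannot qualify by prefix alone. The callers of `trusted_proxy?` are outside the visible lines (`def ip` only begins at the end of this hunk), so the source of the argument is presumably a client-influenced header value but should be confirmed there.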
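--- a/test/spec_request.rb
+++ b/test/spec_request.rb
@@ -1010,6 +1010,30 @@
 res.body.should.equal '3.4.5.6'
 end
+ should "regard local addresses as proxies" do
+ req = Rack::Request.new(Rack::MockRequest.env_for("/"))
+ req.trusted_proxy?('127.0.0.1').should.equal 0
+ req.trusted_proxy?('10.0.0.1').should.equal 0
+ req.trusted_proxy?('172.16.0.1').should.equal 0
+ req.trusted_proxy?('172.20.0.1').should.equal 0
+ req.trusted_proxy?('172.30.0.1').should.equal 0
+ req.trusted_proxy?('172.31.0.1').should.equal 0
+ req.trusted_proxy?('192.168.0.1').should.equal 0
+ req.trusted_proxy?('::1').should.equal 0
+ req.trusted_proxy?('fd00::').should.equal 0
+ req.trusted_proxy?('localhost').should.equal 0
+ req.trusted_proxy?('unix').should.equal 0
+ req.trusted_proxy?('unix:/tmp/sock').should.equal 0
+
+ req.trusted_proxy?("unix.example.org").should.equal nil
+ req.trusted_proxy?("example.org\n127.0.0.1").should.equal nil
+ req.trusted_proxy?("127.0.0.1\nexample.org").should.equal nil
+ req.trusted_proxy?("11.0.0.1").should.equal nil
+ req.trusted_proxy?("172.15.0.1").should.equal nil
+ req.trusted_proxy?("172.32.0.1").should.equal nil
+ req.trusted_proxy?("2001:470:1f0b:18f8::1").should.equal nil
+ end
+
 class MyRequest < Rack::Request
 def params
 {:foo => "bar"}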
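Review bot: The twelve positive assertions pin `.should.equal 0`, which is the match offset returned by `=~` and not the predicate's contract. A later rewrite of `trusted_proxy?` that returns `true`/`false` would break all of them without any change in behaviour. Asserting truthiness instead, e.g. `(!!req.trusted_proxy?('10.0.0.1')).should.equal true`, keeps the spec independent of the regex implementation. The negative cases also exercise only the exactly-anchored branches; adding `req.trusted_proxy?("10.0.0.1\nexample.org").should.equal nil` and `req.trusted_proxy?("127.0.0.1\n").should.equal nil` would cover the prefix and trailing-newline paths, and both would fail against the pattern as committed.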