Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

also trust localhost

  • Loading branch information...
commit 96399d348cd04741b78424c98c44efca9a0fd2d3 1 parent 2bab9be
@rkh rkh authored
Showing with 4 additions and 1 deletion.
  1. +1 −1  lib/rack/request.rb
  2. +3 −0  test/spec_request.rb
View
2  lib/rack/request.rb
@@ -306,7 +306,7 @@ def accept_encoding
end
def trusted_proxy?(ip)
- ip =~ /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|^::1$|^fd[0-9a-f]{2}:.+/i
+ ip =~ /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|^::1$|^fd[0-9a-f]{2}:.+|^localhost$/i
end
def ip
View
3  test/spec_request.rb
@@ -815,6 +815,9 @@
res = mock.get '/', 'HTTP_X_FORWARDED_FOR' => 'other,unknown,192.168.0.1'
res.body.should.equal 'unknown'
+ res = mock.get '/', 'HTTP_X_FORWARDED_FOR' => 'unknown,localhost,192.168.0.1'
+ res.body.should.equal 'unknown'
+
res = mock.get '/', 'HTTP_X_FORWARDED_FOR' => '9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4'
res.body.should.equal '3.4.5.6'
Please sign in to comment.
Something went wrong with that request. Please try again.