Skip to content

Commit

Permalink
also trust localhost
Browse files Browse the repository at this point in the history
  • Loading branch information
@rkh
rkh committed Oct 1, 2011
1 parent 2bab9be commit 96399d3
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lib/rack/request.rb
View file
Expand Up @@ -306,7 +306,7 @@ def accept_encoding
end

def trusted_proxy?(ip)
ip =~ /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|^::1$|^fd[0-9a-f]{2}:.+/i
ip =~ /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|^::1$|^fd[0-9a-f]{2}:.+|^localhost$/i
end

def ip
Expand Down
3 changes: 3 additions & 0 deletions test/spec_request.rb
View file
Expand Up @@ -815,6 +815,9 @@
res = mock.get '/', 'HTTP_X_FORWARDED_FOR' => 'other,unknown,192.168.0.1'
res.body.should.equal 'unknown'

res = mock.get '/', 'HTTP_X_FORWARDED_FOR' => 'unknown,localhost,192.168.0.1'
res.body.should.equal 'unknown'

res = mock.get '/', 'HTTP_X_FORWARDED_FOR' => '9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4'
res.body.should.equal '3.4.5.6'

Expand Down

0 comments on commit 96399d3

Please sign in to comment.