Unix sockets are not considered proxies, causing useless logging. #353

Merged
merged 1 commit into from Mar 17, 2012

Projects

None yet

9 participants

@barttenbrinke

When you use the current preferred passenger setup (Nginx => Sockets => Passenger => Rails), Rack will not correctly identify the remote client's ip_address.
This pull request fixes this.

Before in my rails production.log:

Started GET "/users/login" for unix: at Fri Mar 02 15:03:05 +0100 2012
Processing by UsersController#login as HTML
Completed 200 OK in 8ms (Views: 4.7ms | ActiveRecord: 1.6ms)

After:

Started GET "/users/login" for 123.123.123.123: at Fri Mar 02 15:03:05 +0100 2012
Processing by UsersController#login as HTML
Completed 200 OK in 8ms (Views: 4.7ms | ActiveRecord: 1.6ms)
@barttenbrinke

Is there any way I can speed up the merge of this patch? Its hurting us pretty bad in our new Nginx / Passenger setup.

@morenocarullo

+1, this would be helpful.

@daenney

+1

@olafz

+1

@aswen

+1

@foeken

+1

@raggi raggi merged commit d404218 into rack:master Mar 17, 2012
@raggi
Official Rack repositories member

Thanks.

@barttenbrinke

Thank you! Now I can remove my mixins :)

@Mordred

Hi. I think that i should be "^unix" not "^unix$" because it does not match "unix:" string

@barttenbrinke

No, it should be "unix". The "unix:" you see in the example is produced bij the Rails logger. Rack gets "unix".

@barttenbrinke

After typing this I looked, and I couldn't find the ":" in logger.rb, however, I do know that this works as I used the mixin. So either my example was wrong, or this works correctly by accident :)

@Mordred

We are running RoR hosting business and using nginx + passenger standalone connected through sockets. And Rack gets "unix:" with ":" at the end. But I noticed that sometimes it contains another characters (non-ascii) after ":" (e.g "unix:rent^D", "unix:-Compa^D" or "unix: 3.0.1^D").

I think that the regexp can be less strict, because sockets are always local and they can be mark as trusted.

@mlangenberg

Is there a reason why there has not been a Rack release since 6 months?

@mlangenberg

@Mordred is correct by the way, trusted_proxy?(ip) is being called with "unix:", and I have also seen "unix:" + garbage.

The regexp should be less strict, ^unix will do.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment