Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Added protection against proxy setups treating requests as local even…

… when they're not #3898 [stephen_purcell@yahoo.com]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3892 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information...
commit f7359342afbe3e654dfb0e78770493deba7342c9 1 parent 3a7be80
@dhh dhh authored
View
2  actionpack/CHANGELOG
@@ -1,5 +1,7 @@
*SVN*
+* Added protection against proxy setups treating requests as local even when they're not #3898 [stephen_purcell@yahoo.com]
+
* Added TestRequest#raw_post that simulate raw_post from CgiRequest #3042 [francois.beausoleil@gmail.com]
* Underscore dasherized keys in formatted requests [Jamis Buck]
View
2  actionpack/lib/action_controller/rescue.rb
@@ -60,7 +60,7 @@ def rescue_action_in_public(exception) #:doc:
# the remote IP being 127.0.0.1. For example, this could include the IP of the developer machine when debugging
# remotely.
def local_request? #:doc:
- @request.remote_addr == "127.0.0.1"
+ [@request.remote_addr, @request.remote_ip] == ["127.0.0.1"] * 2
end
# Renders a detailed diagnostics screen on action exceptions.
Please sign in to comment.
Something went wrong with that request. Please try again.