Fixed AbstractRequest#remote_ip for users going through proxies - Patch #228 [Eric Hodel]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@12 5ecf4fe2-1ee6-0310-87b1-e25e094e27de

2 files changed, 11 insertions, 9 deletions

diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG
index e16694068e..6b2c6e41e3 100644
--- a/actionpack/CHANGELOG
+++ b/actionpack/CHANGELOG
@@ -1,5 +1,7 @@
 *CVS*
 
+* Fixed AbstractRequest#remote_ip for users going through proxies - Patch #228 [Eric Hodel]
+
 * Added Request#ssl? which is shorthand for @request.protocol == "https://"
 
 * Added the choice to call form_tag with no arguments (resulting in a form posting to current action) [bitsweat]
diff --git a/actionpack/lib/action_controller/request.rb b/actionpack/lib/action_controller/request.rb
index f54a00dd86..d58cf58543 100755
--- a/actionpack/lib/action_controller/request.rb
+++ b/actionpack/lib/action_controller/request.rb
@@ -33,17 +33,17 @@ module ActionController
     # delimited list in the case of multiple chained proxies; the first is
     # the originating IP.
     def remote_ip
-      if env['HTTP_CLIENT_IP']
-        env['HTTP_CLIENT_IP']
-      elsif env['HTTP_X_FORWARDED_FOR']
-        remote_ip = env['HTTP_X_FORWARDED_FOR'].split(',').reject { |ip|
+      return env['HTTP_CLIENT_IP'] if env.include? 'HTTP_CLIENT_IP'
+
+      if env.include? 'HTTP_X_FORWARDED_FOR' then
+        remote_ips = env['HTTP_X_FORWARDED_FOR'].split(',').reject do |ip|
             ip =~ /^unknown$|^(10|172\.16|192\.168)\./i
-        }.first
-        
-        remote_ip ? remote_ip.strip : env['REMOTE_ADDR']
-      else
-        env['REMOTE_ADDR']
+        end
+
+        return remote_ips.first.strip unless remote_ips.empty?
       end
+
+      return env['REMOTE_ADDR']
     end
 
     def request_uri