Add regression test for IpSpoofAttackError issue

See #10780
author: Alvaro Redondo <alvaro@redondo.name> 2013-09-03 18:29:40 +0200
committer: Alvaro Redondo <alvaro@redondo.name> 2013-09-03 18:29:40 +0200
commit: 228d2b1e935583f0c5bd64227ff157c346cbbb3d (patch)
tree: 0cf8451b110c28bdb8769f617c036b48f9e0e81a
parent: 8436620cb519c0c808fdd006c7c276146fb3b005 (diff)
download: rails-228d2b1e935583f0c5bd64227ff157c346cbbb3d.tar.gz
rails-228d2b1e935583f0c5bd64227ff157c346cbbb3d.tar.bz2
rails-228d2b1e935583f0c5bd64227ff157c346cbbb3d.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/request_test.rb b/actionpack/test/dispatch/request_test.rb
index f6de9748ca..9c7789bcfb 100644
--- a/actionpack/test/dispatch/request_test.rb
+++ b/actionpack/test/dispatch/request_test.rb
@@ -93,6 +93,14 @@ class RequestTest < ActiveSupport::TestCase
     assert_equal '1.1.1.1', request.remote_ip
   end
 
+  test "remote ip spoof protection ignores private addresses" do
+    request = stub_request 'HTTP_X_FORWARDED_FOR' => '172.17.19.51',
+                           'HTTP_CLIENT_IP'       => '172.17.19.51',
+                           'REMOTE_ADDR'          => '1.1.1.1',
+                           'HTTP_X_BLUECOAT_VIA'  => 'de462e07a2db325e'
+    assert_equal '1.1.1.1', request.remote_ip
+  end
+
   test "remote ip v6" do
     request = stub_request 'REMOTE_ADDR' => '2001:0db8:85a3:0000:0000:8a2e:0370:7334'
     assert_equal '2001:0db8:85a3:0000:0000:8a2e:0370:7334', request.remote_ip
author	Alvaro Redondo <alvaro@redondo.name>	2013-09-03 18:29:40 +0200
committer	Alvaro Redondo <alvaro@redondo.name>	2013-09-03 18:29:40 +0200
commit	228d2b1e935583f0c5bd64227ff157c346cbbb3d (patch)
tree	0cf8451b110c28bdb8769f617c036b48f9e0e81a
parent	8436620cb519c0c808fdd006c7c276146fb3b005 (diff)
download	rails-228d2b1e935583f0c5bd64227ff157c346cbbb3d.tar.gz rails-228d2b1e935583f0c5bd64227ff157c346cbbb3d.tar.bz2 rails-228d2b1e935583f0c5bd64227ff157c346cbbb3d.zip