diff options
author | Andrew White <andyw@pixeltrix.co.uk> | 2013-10-01 01:28:07 -0700 |
---|---|---|
committer | Andrew White <andyw@pixeltrix.co.uk> | 2013-10-01 01:28:07 -0700 |
commit | 83c4b0a7f977b75a9005ceb78d8a2a719392d904 (patch) | |
tree | 8e92885aa33b10f2109d365367b68724c42810f3 /actionpack/CHANGELOG.md | |
parent | ccd11d58910059f07b28cc518dbdad42cbc8ea0c (diff) | |
parent | 85106decc41f1695ff6fe54452168237fd0f98d0 (diff) | |
download | rails-83c4b0a7f977b75a9005ceb78d8a2a719392d904.tar.gz rails-83c4b0a7f977b75a9005ceb78d8a2a719392d904.tar.bz2 rails-83c4b0a7f977b75a9005ceb78d8a2a719392d904.zip |
Merge pull request #12410 from tamird/fix-ip-spoof-errors
Fix ip spoof errors
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r-- | actionpack/CHANGELOG.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 906592874d..31136d91b3 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,5 +1,13 @@ ## unreleased ## +* Fix `ActionDispatch::RemoteIp::GetIp#calculate_ip` to only check for spoofing + attacks if both `HTTP_CLIENT_IP` and `HTTP_X_FORWARDED_FOR` are set. + + Fixes #12410 + Backports #10844 + + *Tamir Duberstein* + * Fix the assert_recognizes test method so that it works when there are constraints on the querystring. |