diff options
author | David Heinemeier Hansson <david@loudthinking.com> | 2006-03-16 03:31:40 +0000 |
---|---|---|
committer | David Heinemeier Hansson <david@loudthinking.com> | 2006-03-16 03:31:40 +0000 |
commit | f7359342afbe3e654dfb0e78770493deba7342c9 (patch) | |
tree | 4bcb40d9032591c31717e857bb3bf83e906a3643 /actionpack/lib | |
parent | 3a7be80f4796eac74ea8c67e9d176358ea67673f (diff) | |
download | rails-f7359342afbe3e654dfb0e78770493deba7342c9.tar.gz rails-f7359342afbe3e654dfb0e78770493deba7342c9.tar.bz2 rails-f7359342afbe3e654dfb0e78770493deba7342c9.zip |
Added protection against proxy setups treating requests as local even when they're not #3898 [stephen_purcell@yahoo.com]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3892 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/lib')
-rw-r--r-- | actionpack/lib/action_controller/rescue.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/rescue.rb b/actionpack/lib/action_controller/rescue.rb index 104823ebcc..d97a294964 100644 --- a/actionpack/lib/action_controller/rescue.rb +++ b/actionpack/lib/action_controller/rescue.rb @@ -60,7 +60,7 @@ module ActionController #:nodoc: # the remote IP being 127.0.0.1. For example, this could include the IP of the developer machine when debugging # remotely. def local_request? #:doc: - @request.remote_addr == "127.0.0.1" + [@request.remote_addr, @request.remote_ip] == ["127.0.0.1"] * 2 end # Renders a detailed diagnostics screen on action exceptions. |