diff options
author | David Heinemeier Hansson <david@loudthinking.com> | 2005-02-24 12:03:17 +0000 |
---|---|---|
committer | David Heinemeier Hansson <david@loudthinking.com> | 2005-02-24 12:03:17 +0000 |
commit | 11404e17e3cb0ad6a80066d2219ce3db50af9b38 (patch) | |
tree | 39ee102f0653dfbf82761aa2c2a52a76241a8312 /actionpack/lib | |
parent | 4fbc3e30eb800d938a0dd637316fa785c402b26b (diff) | |
download | rails-11404e17e3cb0ad6a80066d2219ce3db50af9b38.tar.gz rails-11404e17e3cb0ad6a80066d2219ce3db50af9b38.tar.bz2 rails-11404e17e3cb0ad6a80066d2219ce3db50af9b38.zip |
Fixed that proxy IPs do not follow all RFC1918 nets #251 [caleb@aei-tech.com]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@789 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/lib')
-rwxr-xr-x | actionpack/lib/action_controller/request.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/request.rb b/actionpack/lib/action_controller/request.rb index aaefe92ebf..69c325035b 100755 --- a/actionpack/lib/action_controller/request.rb +++ b/actionpack/lib/action_controller/request.rb @@ -43,7 +43,7 @@ module ActionController if env.include? 'HTTP_X_FORWARDED_FOR' then remote_ips = env['HTTP_X_FORWARDED_FOR'].split(',').reject do |ip| - ip =~ /^unknown$|^(10|172\.16|192\.168)\./i + ip =~ /^unknown$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i end return remote_ips.first.strip unless remote_ips.empty? |