author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2013-01-02 15:37:02 -0800 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2013-01-02 15:37:02 -0800 |
commit | c9d8481bebe55d8073256391e4f828cb2c8c3849 (patch) | |
tree | e6f6bf5432487ed4f8c3c0b42ca48cca8716b51e /actionpack/lib | |
parent | c79fb2ac8f7951a2f178413dbbfdeb4d015afacf (diff) | |
parent | cc5a4bb4df2390cb57d5a295a4f4a51572012268 (diff) | |
Merge pull request #8706 from steveklabnik/ip_precautions
Explain the possible IP precautions
Diffstat (limited to 'actionpack/lib')
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/remote_ip.rb | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/remote_ip.rb b/actionpack/lib/action_dispatch/middleware/remote_ip.rb index ad5e1993aa..4e36c9bb49 100644 --- a/actionpack/lib/action_dispatch/middleware/remote_ip.rb +++ b/actionpack/lib/action_dispatch/middleware/remote_ip.rb @@ -17,9 +17,10 @@ module ActionDispatch # IF YOU DON'T USE A PROXY, THIS MAKES YOU VULNERABLE TO IP SPOOFING. # This middleware assumes that there is at least one proxy sitting around # and setting headers with the client's remote IP address. If you don't use - # a proxy, because you are hosted on e.g. Heroku, any client can claim to - # have any IP address by setting the X-Forwarded-For header. If you care - # about that, please take precautions. + # a proxy, because you are hosted on e.g. Heroku without SSL, any client can + # claim to have any IP address by setting the X-Forwarded-For header. If you + # care about that, then you need to explicitly drop or ignore those headers + # sometime before this middleware runs. class RemoteIp class IpSpoofAttackError < StandardError; end |
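Review bot: In the reworded comment above `class RemoteIp`, "those headers" has only X-Forwarded-For as its antecedent, and "sometime before this middleware runs" does not say where the stripping should happen. Suggest naming the header or headers explicitly and stating the place, for example "remove X-Forwarded-For from the request in a middleware placed ahead of this one". The added "without SSL" qualifier is also unexplained: the comment gives no reason why SSL changes whether a proxy sits in front of the app, so either add a clause saying why or drop the qualifier.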