diff options
| author | Andrew White <andyw@pixeltrix.co.uk> | 2013-09-30 12:39:10 +0100 |
|---|---|---|
| committer | Andrew White <andyw@pixeltrix.co.uk> | 2013-09-30 12:39:10 +0100 |
| commit | deb91862b93176efd2dc58f81574326256791b92 (patch) | |
| tree | 1acb3e7156810022fec72715c6393e058cea8671 /actionpack | |
| parent | 93899335aece402f21fb4663e86d680a5b8e2fec (diff) | |
| parent | ccd6f8b931efa7b3eb191a62522fbfc89389b091 (diff) | |
| download | rails-deb91862b93176efd2dc58f81574326256791b92.tar.gz rails-deb91862b93176efd2dc58f81574326256791b92.tar.bz2 rails-deb91862b93176efd2dc58f81574326256791b92.zip | |
Merge branch 'fix-ip-spoof-errors' of https://github.com/tamird/rails into tamird-fix-ip-spoof-errors
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/remote_ip.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/remote_ip.rb b/actionpack/lib/action_dispatch/middleware/remote_ip.rb index 8879291dbd..57bc6d5cd0 100644 --- a/actionpack/lib/action_dispatch/middleware/remote_ip.rb +++ b/actionpack/lib/action_dispatch/middleware/remote_ip.rb @@ -143,7 +143,7 @@ module ActionDispatch # proxies with incompatible IP header conventions, and there is no way # for us to determine which header is the right one after the fact. # Since we have no idea, we give up and explode. - should_check_ip = @check_ip && client_ips.last + should_check_ip = @check_ip && client_ips.last && forwarded_ips.last if should_check_ip && !forwarded_ips.include?(client_ips.last) # We don't know which came from the proxy, and which from the user raise IpSpoofAttackError, "IP spoofing attack?! " + |