aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
diff options
context:
space:
mode:
Diffstat (limited to 'actionpack/lib')
-rw-r--r--actionpack/lib/action_dispatch/middleware/remote_ip.rb8
1 files changed, 4 insertions, 4 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/remote_ip.rb b/actionpack/lib/action_dispatch/middleware/remote_ip.rb
index 3b813b03bb..58e25aed5a 100644
--- a/actionpack/lib/action_dispatch/middleware/remote_ip.rb
+++ b/actionpack/lib/action_dispatch/middleware/remote_ip.rb
@@ -19,7 +19,7 @@ module ActionDispatch
@app = app
@check_ip_spoofing = check_ip_spoofing
if custom_proxies
- custom_regexp = Regexp.new(custom_proxies, "i")
+ custom_regexp = Regexp.new(custom_proxies)
@trusted_proxies = Regexp.union(TRUSTED_PROXIES, custom_regexp)
else
@trusted_proxies = TRUSTED_PROXIES
@@ -51,11 +51,11 @@ module ActionDispatch
if check_ip && !forwarded_ips.include?(client_ip)
# We don't know which came from the proxy, and which from the user
raise IpSpoofAttackError, "IP spoofing attack?!" \
- "HTTP_CLIENT_IP=#{env['HTTP_CLIENT_IP'].inspect}" \
- "HTTP_X_FORWARDED_FOR=#{env['HTTP_X_FORWARDED_FOR'].inspect}"
+ "HTTP_CLIENT_IP=#{@env['HTTP_CLIENT_IP'].inspect}" \
+ "HTTP_X_FORWARDED_FOR=#{@env['HTTP_X_FORWARDED_FOR'].inspect}"
end
- client_ip || forwarded_ips.last || remote_addrs.last
+ client_ip || forwarded_ips.last || remote_addrs.first
end
protected
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-18 02:17:22 +0000