aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware/remote_ip.rb
Commit message (Collapse)AuthorAgeFilesLines
* use a request object to access info from env in GetIpAaron Patterson2015-08-061-10/+12
| | | | | | | again, we want to hide the contents of `env` from the implementation. Allocate a request object to access the contents of env, but save allocations due to string literal allocations when accessing the env hash.
* pass check_ip and proxies to GetIp constructorAaron Patterson2015-06-031-4/+4
| | | | | The `GetIp` class doesn't need to keep a reference to the middleware, so there is no reason to pass the middleware instance to the `GetIp` class
* Don't rescue IPAddr::InvalidAddressErrorPeter Suschlik2014-08-291-1/+1
| | | | | | | | IPAddr::InvalidAddressError does not exist in Ruby 1.9.3 and fails for JRuby in 1.9 mode. As IPAddr::InvalidAddressError is a subclass of ArgumentError (via IPAddr::Error) just rescuing ArgumentError is fine.
* Refactor ActionDispatch::RemoteIpSam Aarons2014-08-211-52/+38
| | | | | | | | | | | | | Refactored IP address checking in ActionDispatch::RemoteIp to rely on the IPAddr class instead of the unwieldly regular expression to match IP addresses. This commit keeps the same api but allows users to pass IPAddr objects to config.action_dispatch.trusted_proxies in addition to passing strings and regular expressions. Example: # config/environments/production.rb config.action_dispatch.trusted_proxies = IPAddr.new('4.8.15.0/16')
* [ci skip] Fix capitalizationAkshay Vishnoi2014-06-071-2/+2
|
* Merge pull request #12651 from cespare/ipv6-remote-ip-fixesRafael Mendonça França2014-05-011-1/+1
|\ | | | | | | | | | | | | Make remote_ip detection properly handle private IPv6 addresses Conflicts: actionpack/CHANGELOG.md
| * Make remote_ip detection properly handle private IPv6 addressesCaleb Spare2013-10-261-1/+1
| | | | | | | | Fixes #12638.
* | Fix parameter naming in RemoteIp middleware constructor methodKalabiYau2014-02-181-2/+2
|/ | | | | Was custom_proxies in inline docs, but should be and defined in constructor as custom_proxies
* make sure both headers are set before checking for ip spoofingTamir Duberstein2013-06-041-1/+1
|
* Fix some typosVipul A M2013-03-241-1/+1
|
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-02-261-1/+1
|\
| * Typo fix.Carson McDonald2013-02-211-1/+1
| |
* | Gist URLs are now namespacedAkira Matsuda2013-02-181-1/+1
|/ | | | see: https://github.com/blog/1406-namespaced-gists
* Fix typo.Carson McDonald2013-02-111-1/+1
| | | | [ci skip]
* Explain the possible precautionsAndre Arko2013-01-021-3/+4
|
* Restore original remote_ip algorithm.Andre Arko2013-01-021-53/+112
| | | | | | | | | | | Proxy servers add X-Forwarded-For headers, resulting in a list of IPs. We remove trusted IP values, and then take the last given value, assuming that it is the most likely to be the correct, unfaked value. See [1] for a very thorough discussion of why that is the best option we have at the moment. [1]: http://blog.gingerlime.com/2012/rails-ip-spoofing-vulnerabilities-and-protection/ Fixes #7979
* memoize calculated ip without additional variableSergey Nartimov2012-11-011-6/+4
| | | | There is no need in additional `@calculated_ip` instance variable.
* Valid ips v4 and v6. Right logic for working with X-FORWARDED-FOR header and ↵Alexey Gaziev2012-04-251-22/+68
| | | | tests.
* Merge pull request #2490 from gsterndale/x_forwarded_for_orderJosé Valim2012-02-071-1/+1
|\ | | | | The first IP address in the X-Forwarded-For header is the originating IP
| * The first IP address in the X-Forwarded-For header is the originating IPGreg Sterndale2012-02-071-1/+1
| |
* | Trusted proxies is replaced with a Regexp or appended to with a StringGreg Sterndale2012-02-071-4/+6
|/
* Fix routing test to use assert_equalCarlos Antonio da Silva2012-01-061-2/+2
|
* It should be @calculated_ip not @calculate_ipArun Agrawal2011-11-171-1/+1
| | | | We are using @calculated_ip. @calculate_ip is no where used
* Initialize our instance variables.Aaron Patterson2011-11-161-1/+3
|
* :facepalm: Request#remote_ip has to work without the middlewareAndre Arko2011-11-161-1/+1
|
* Revert "Revert "Merge pull request #3640 from indirect/remote_ip""Andre Arko2011-11-161-3/+6
| | | | This reverts commit 8d1a2b3ecde5a8745b3eaab4763a71d80ca3441f, because I have fixed the issues this commit caused in the next commit.
* Revert "Merge pull request #3640 from indirect/remote_ip"Jon Leighton2011-11-151-6/+3
| | | | | | | | This reverts commit 6491aadc525b8703708e0fd0fbf05bd436a47801, reversing changes made to 83bf0b626cf2134260903e57d74f67de57384073. See https://github.com/rails/rails/pull/3640#issuecomment-2752761 for explanation.
* GetIp#to_s should never return nil. That's icky.Andre Arko2011-11-141-3/+6
|
* memoize the relatively expensive remote IP codeAndre Arko2011-11-141-1/+7
|
* cleaner namesAndre Arko2011-11-141-6/+6
|
* remove ignored flag, fixes warningsAndre Arko2011-11-131-1/+1
|
* turns out the tests expect remote_addrs.firstAndre Arko2011-11-131-1/+1
|
* correctly raise IpSpoofAttackError messageAndre Arko2011-11-131-2/+2
|
* defer calculating the remote IP until requestedAndre Arko2011-11-121-24/+36
|
* refactor RemoteIp middlewareAndre Arko2011-11-111-37/+44
| | | | | | | | | | | - return the last forwarded IP before REMOTE_ADDR to handle proxies - remove completely superfluous RemoteIpGetter class - remove duplication of trusted proxies regexp - remove unused constant from Request - move comments from Request to where they are actually relevant - edit comments for clarity of purpose The original code (confusingly) tried to return REMOTE_ADDR both at the beginning and the end of the chain of options. Since REMOTE_ADDR is _always_ set, this is kind of silly. This change leaves REMOTE_ADDR as the last option, so that proxied requests will be assigned the correct remote IP address.
* Move remote_ip to a middleware:Carlhuda2010-03-031-0/+51
* ActionController::Base.ip_spoofing_check deprecated => config.action_dispatch.ip_spoofing_check * ActionController::Base.trusted_proxies deprecated => config.action_dispatch.trusted_proxies