From 654568e71b1ee36a04acef74b1a8ce4737050882 Mon Sep 17 00:00:00 2001 From: Felipe Talavera Date: Sun, 9 Aug 2009 16:56:18 +0100 Subject: Allow to configure trusted proxies via ActionController::Base.trusted_proxies [#2126 state:resolved] Signed-off-by: Pratik Naik --- actionpack/lib/action_controller/metal/compatibility.rb | 2 ++ actionpack/lib/action_dispatch/http/request.rb | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'actionpack/lib') diff --git a/actionpack/lib/action_controller/metal/compatibility.rb b/actionpack/lib/action_controller/metal/compatibility.rb index 23e7b1b3af..f94d1c669c 100644 --- a/actionpack/lib/action_controller/metal/compatibility.rb +++ b/actionpack/lib/action_controller/metal/compatibility.rb @@ -64,6 +64,8 @@ module ActionController cattr_accessor :ip_spoofing_check self.ip_spoofing_check = true + + cattr_accessor :trusted_proxies end # For old tests diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb index 5f9463eb91..4190fa21cd 100755 --- a/actionpack/lib/action_dispatch/http/request.rb +++ b/actionpack/lib/action_dispatch/http/request.rb @@ -246,7 +246,7 @@ module ActionDispatch remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].scan(/[^,\s]+/) unless remote_addr_list.blank? - not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES} + not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES || addr =~ ActionController::Base.trusted_proxies} return not_trusted_addrs.first unless not_trusted_addrs.empty? end remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',') @@ -265,7 +265,7 @@ EOM end if remote_ips - while remote_ips.size > 1 && TRUSTED_PROXIES =~ remote_ips.last.strip + while remote_ips.size > 1 && (TRUSTED_PROXIES =~ remote_ips.last.strip || ActionController::Base.trusted_proxies =~ remote_ips.last.strip) remote_ips.pop end -- cgit v1.2.3