mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
request.remote_ip understands X-Forwarded-For addresses with nonstandard whitespace. Closes #7386.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6877 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
This commit is contained in:
parent
0aed1d629e
commit
e5b3d4b3b5
3 changed files with 6 additions and 1 deletions
|
@ -1,5 +1,7 @@
|
|||
*SVN*
|
||||
|
||||
* request.remote_ip understands X-Forwarded-For addresses with nonstandard whitespace. #7386 [moses]
|
||||
|
||||
* Don't prepare response when rendering a component. #8493 [jsierles]
|
||||
|
||||
* Reduce file stat calls when checking for template changes. #7736 [alex]
|
||||
|
|
|
@ -112,7 +112,7 @@ module ActionController
|
|||
|
||||
if @env.include? 'HTTP_X_FORWARDED_FOR' then
|
||||
remote_ips = @env['HTTP_X_FORWARDED_FOR'].split(',').reject do |ip|
|
||||
ip =~ /^unknown$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i
|
||||
ip.strip =~ /^unknown$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i
|
||||
end
|
||||
|
||||
return remote_ips.first.strip unless remote_ips.empty?
|
||||
|
|
|
@ -29,6 +29,9 @@ class RequestTest < Test::Unit::TestCase
|
|||
|
||||
@request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1,3.4.5.6'
|
||||
assert_equal '3.4.5.6', @request.remote_ip
|
||||
|
||||
@request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1, 10.0.0.1, 3.4.5.6'
|
||||
assert_equal '3.4.5.6', @request.remote_ip
|
||||
|
||||
@request.env['HTTP_X_FORWARDED_FOR'] = '127.0.0.1,3.4.5.6'
|
||||
assert_equal '127.0.0.1', @request.remote_ip
|
||||
|
|
Loading…
Reference in a new issue