Commit graph

5 commits

Author SHA1 Message Date
Douwe Maan
c10064aad5 Enable Style/SpaceInsideBrackets 2017-02-23 09:31:56 -06:00
lookatmike
ae108ff703 Ignore invalid IPs in X-Forwarded-For when trusted proxies are configured. 2016-07-31 15:36:11 -04:00
Stan Hu
8d73c76131 Ignore invalid trusted proxies in X-Forwarded-For header
Certain reverse proxies can send invalid IP addresses in the X-Forwarded-For header
For example, Apache can send (null).

Closes #20194
2016-07-23 21:06:19 -07:00
DJ Mountney
860785f007 Make Rack::Request use our trusted proxies when filtering IP addresses
This allows us to control the trusted proxies while deployed in a private network. Normally Rack::Request will trust all private IPs as trusted proxies, which can caue problems if your users are connection on you network via private IP ranges.

Normally in a rails app this is handled by action_dispatch request, but rack_attack is specifically using the Rack::Request object instead.
2016-06-29 21:19:55 -07:00
DJ Mountney
e37b314567 Add tests for setting trusted_proxies
Each test reloads the trusted_proxies initializer, which in turn will set Rails.application.config.action_dispatch.trusted_proxies to something new. This will leak into the other tests, but the middleware that it is used in has already been loaded for the whole test suite, so it should have no impact.
2016-05-04 15:49:39 -07:00