Class: ActionDispatch::RemoteIp::RemoteIpGetter
- Defined in:
- actionpack/lib/action_dispatch/middleware/remote_ip.rb
Instance Method Summary collapse
-
#initialize(env, check_ip_spoofing, trusted_proxies) ⇒ RemoteIpGetter
constructor
A new instance of RemoteIpGetter.
- #remote_addrs ⇒ Object
- #to_s ⇒ Object
Constructor Details
#initialize(env, check_ip_spoofing, trusted_proxies) ⇒ RemoteIpGetter
Returns a new instance of RemoteIpGetter.
6 7 8 9 10 |
# File 'actionpack/lib/action_dispatch/middleware/remote_ip.rb', line 6 def initialize(env, check_ip_spoofing, trusted_proxies) @env = env @check_ip_spoofing = check_ip_spoofing @trusted_proxies = trusted_proxies end |
Instance Method Details
#remote_addrs ⇒ Object
12 13 14 15 16 17 |
# File 'actionpack/lib/action_dispatch/middleware/remote_ip.rb', line 12 def remote_addrs @remote_addrs ||= begin list = @env['REMOTE_ADDR'] ? @env['REMOTE_ADDR'].split(/[,\s]+/) : [] list.reject { |addr| addr =~ @trusted_proxies } end end |
#to_s ⇒ Object
19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
# File 'actionpack/lib/action_dispatch/middleware/remote_ip.rb', line 19 def to_s return remote_addrs.first if remote_addrs.any? forwarded_ips = @env['HTTP_X_FORWARDED_FOR'] ? @env['HTTP_X_FORWARDED_FOR'].strip.split(/[,\s]+/) : [] if client_ip = @env['HTTP_CLIENT_IP'] if @check_ip_spoofing && !forwarded_ips.include?(client_ip) # We don't know which came from the proxy, and which from the user raise IpSpoofAttackError, "IP spoofing attack?!" \ "HTTP_CLIENT_IP=#{@env['HTTP_CLIENT_IP'].inspect}" \ "HTTP_X_FORWARDED_FOR=#{@env['HTTP_X_FORWARDED_FOR'].inspect}" end return client_ip end return forwarded_ips.reject { |ip| ip =~ @trusted_proxies }.last || @env["REMOTE_ADDR"] end |