Class: Gitlab::Middleware::HandleIpSpoofAttackError
Inherits: Object
Defined in: lib/gitlab/middleware/handle_ip_spoof_attack_error.rb
Overview
ActionDispatch::RemoteIp tries to set `request.ip` for controllers by looking at the request IP and headers. It needs to see through any reverse proxies to get the right answer, but there are some security issues with that.
Proxies can specify `Client-Ip` or `X-Forwarded-For`, and the security of that is determined at the edge. If both headers are present and name different clients, it is likely that the edge is securing one header but ignoring the other. Rails blocks this by raising ActionDispatch::RemoteIp::IpSpoofAttackError, which is correct, because we don't know which header is the safe one; but we want the block to surface as a 400 (Bad Request) rather than a 500 error.
This middleware needs to go before ActionDispatch::RemoteIp in the chain, i.e. it must wrap RemoteIp, so that the exception raised inside RemoteIp propagates up to it and can be rescued. Placed after RemoteIp it would never see the exception.
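The following is an added example, not code from GitLab or Rails, that shows the behaviour described above in a self-contained Rack-style stack. ActionDispatch is not loaded; the RemoteIp header check and its IpSpoofAttackError are stubbed (assumption: same constant names as Rails, with the trusted-proxy list and the `ip_spoofing_check` setting omitted), and Gitlab::ErrorTracking is replaced by an in-memory stub named ErrorTracking. The request environments are constructed. It demonstrates both the 400 response in the correct order and the unhandled exception that results from placing the handler inside RemoteIp.

```ruby
# Added example (not GitLab's or Rails' code). Stubs a RemoteIp-like middleware,
# wires the documented handler around it, and shows why ordering matters.

module ActionDispatch
  class RemoteIp
    # Stub of the real exception class (assumption: same constant name as Rails).
    class IpSpoofAttackError < StandardError; end

    def initialize(app)
      @app = app
    end

    # Simplified model of Rails' check: if both Client-Ip and X-Forwarded-For
    # are present and the Client-Ip is not among the forwarded addresses, raise.
    def call(env)
      client_ip = env['HTTP_CLIENT_IP']
      forwarded = env['HTTP_X_FORWARDED_FOR']

      if client_ip && forwarded
        forwarded_ips = forwarded.split(',').map(&:strip)
        unless forwarded_ips.include?(client_ip.strip)
          raise IpSpoofAttackError,
                "IP spoofing attack?! HTTP_CLIENT_IP=#{client_ip.inspect} " \
                "HTTP_X_FORWARDED_FOR=#{forwarded.inspect}"
        end
      end

      env['action_dispatch.remote_ip'] =
        if client_ip then client_ip.strip
        elsif forwarded then forwarded.split(',').first.strip
        else env['REMOTE_ADDR']
        end
      @app.call(env)
    end
  end
end

# Stand-in for Gitlab::ErrorTracking (assumption): keeps tracked exceptions in memory.
module ErrorTracking
  @exceptions = []
  class << self
    attr_reader :exceptions

    def track_exception(err)
      @exceptions << err
    end
  end
end

# Same logic as the class documented on this page, with the tracker swapped for the stub.
class HandleIpSpoofAttackError
  attr_reader :app

  def initialize(app)
    @app = app
  end

  def call(env)
    app.call(env)
  rescue ActionDispatch::RemoteIp::IpSpoofAttackError => err
    ErrorTracking.track_exception(err)
    [400, { 'Content-Type' => 'text/plain' }, ['Bad Request']]
  end
end

# Innermost app: echoes the client IP that RemoteIp resolved.
ECHO_APP = ->(env) { [200, { 'Content-Type' => 'text/plain' }, [env['action_dispatch.remote_ip']]] }

# Correct order: the handler wraps RemoteIp and therefore sees its exception.
CORRECT_STACK = HandleIpSpoofAttackError.new(ActionDispatch::RemoteIp.new(ECHO_APP))

# Wrong order: the handler sits inside RemoteIp and the exception escapes past it.
WRONG_STACK = ActionDispatch::RemoteIp.new(HandleIpSpoofAttackError.new(ECHO_APP))

# Constructed request environments (documentation-range addresses).
def env_for(headers)
  { 'REMOTE_ADDR' => '10.0.0.2', 'PATH_INFO' => '/' }.merge(headers)
end

CONFLICTING = env_for('HTTP_CLIENT_IP' => '203.0.113.9', 'HTTP_X_FORWARDED_FOR' => '198.51.100.7')
CONSISTENT  = env_for('HTTP_CLIENT_IP' => '203.0.113.9', 'HTTP_X_FORWARDED_FOR' => '203.0.113.9, 10.0.0.1')
PLAIN       = env_for('HTTP_X_FORWARDED_FOR' => '198.51.100.7')

# Status produced by the stack, or :unhandled when the exception escapes
# (a real server would turn that into a 500).
def status_for(stack, env)
  stack.call(env).first
rescue ActionDispatch::RemoteIp::IpSpoofAttackError
  :unhandled
end

if __FILE__ == $0
  puts "correct order, conflicting headers: #{status_for(CORRECT_STACK, CONFLICTING)}"
  puts "correct order, consistent headers:  #{status_for(CORRECT_STACK, CONSISTENT)}"
  puts "correct order, single header:       #{status_for(CORRECT_STACK, PLAIN)}"
  puts "wrong order, conflicting headers:   #{status_for(WRONG_STACK, CONFLICTING)}"
  puts "tracked exceptions: #{ErrorTracking.exceptions.size}"
end
```

Run it with `ruby handle_ip_spoof_example.rb`. The conflicting-header request gets a 400 and one tracked exception only when the handler is the outer middleware; in the wrong order the same request lets the exception escape.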
Instance Attribute Summary
- #app ⇒ Object (readonly): Returns the value of attribute app.
Instance Method Summary
- #call(env) ⇒ Object
- #initialize(app) ⇒ HandleIpSpoofAttackError (constructor): A new instance of HandleIpSpoofAttackError.
Constructor Details
#initialize(app) ⇒ HandleIpSpoofAttackError
Returns a new instance of HandleIpSpoofAttackError.
# File 'lib/gitlab/middleware/handle_ip_spoof_attack_error.rb', line 20
def initialize(app)
  @app = app
end
Instance Attribute Details
#app ⇒ Object (readonly)
Returns the value of attribute app.
# File 'lib/gitlab/middleware/handle_ip_spoof_attack_error.rb', line 18
def app
  @app
end
Instance Method Details
#call(env) ⇒ Object
# File 'lib/gitlab/middleware/handle_ip_spoof_attack_error.rb', line 24
def call(env)
  app.call(env)
rescue ActionDispatch::RemoteIp::IpSpoofAttackError => err
  # Record the conflicting-header request for investigation, then answer with a
  # client error instead of letting the exception surface as a 500.
  Gitlab::ErrorTracking.track_exception(err)
  [400, { 'Content-Type' => 'text/plain' }, ['Bad Request']]
end