Parent

Class Index [+]

Quicksearch

ActionDispatch::RemoteIp::RemoteIpGetter

Public Class Methods

new(env, check_ip_spoofing, trusted_proxies) click to toggle source
    # File lib/action_dispatch/middleware/remote_ip.rb, line 6
 6:       def initialize(env, check_ip_spoofing, trusted_proxies)
 7:         @env = env
 8:         @check_ip_spoofing = check_ip_spoofing
 9:         @trusted_proxies = trusted_proxies
10:       end

Public Instance Methods

remote_addrs() click to toggle source
    # File lib/action_dispatch/middleware/remote_ip.rb, line 12
12:       def remote_addrs
13:         @remote_addrs ||= begin
14:           list = @env['REMOTE_ADDR'] ? @env['REMOTE_ADDR'].split(/[,\s]+/) : []
15:           list.reject { |addr| addr =~ @trusted_proxies }
16:         end
17:       end
to_s() click to toggle source
    # File lib/action_dispatch/middleware/remote_ip.rb, line 19
19:       def to_s
20:         return remote_addrs.first if remote_addrs.any?
21: 
22:         forwarded_ips = @env['HTTP_X_FORWARDED_FOR'] ? @env['HTTP_X_FORWARDED_FOR'].strip.split(/[,\s]+/) : []
23: 
24:         if client_ip = @env['HTTP_CLIENT_IP']
25:           if @check_ip_spoofing && !forwarded_ips.include?(client_ip)
26:             # We don't know which came from the proxy, and which from the user
27:             raise IpSpoofAttackError, "IP spoofing attack?!"                "HTTP_CLIENT_IP=#{@env['HTTP_CLIENT_IP'].inspect}"                "HTTP_X_FORWARDED_FOR=#{@env['HTTP_X_FORWARDED_FOR'].inspect}"
28:           end
29:           return client_ip
30:         end
31: 
32:         return forwarded_ips.reject { |ip| ip =~ @trusted_proxies }.last || @env["REMOTE_ADDR"]
33:       end

Disabled; run with --debug to generate this.

[Validate]

Generated with the Darkfish Rdoc Generator 1.1.6.