Object
Determines originating IP address. REMOTE_ADDR is the standard but will be wrong if the user is behind a proxy. Proxies will set HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR, so we prioritize those. HTTP_X_FORWARDED_FOR may be a comma-delimited list in the case of multiple chained proxies. The last address which is not a known proxy will be the originating IP.
# File lib/action_dispatch/middleware/remote_ip.rb, line 47 47: def calculate_ip 48: client_ip = @env['HTTP_CLIENT_IP'] 49: forwarded_ips = ips_from('HTTP_X_FORWARDED_FOR') 50: remote_addrs = ips_from('REMOTE_ADDR') 51: 52: check_ip = client_ip && @middleware.check_ip 53: if check_ip && !forwarded_ips.include?(client_ip) 54: # We don't know which came from the proxy, and which from the user 55: raise IpSpoofAttackError, "IP spoofing attack?!" "HTTP_CLIENT_IP=#{@env['HTTP_CLIENT_IP'].inspect}" "HTTP_X_FORWARDED_FOR=#{@env['HTTP_X_FORWARDED_FOR'].inspect}" 56: end 57: 58: not_proxy = client_ip || forwarded_ips.last || remote_addrs.first 59: 60: # Return first REMOTE_ADDR if there are no other options 61: not_proxy || ips_from('REMOTE_ADDR', :allow_proxies).first 62: end
# File lib/action_dispatch/middleware/remote_ip.rb, line 74 74: def ips_from(header, allow_proxies = false) 75: ips = @env[header] ? @env[header].strip.split(/[,\s]+/) : [] 76: allow_proxies ? ips : ips.reject{|ip| ip =~ @middleware.proxies } 77: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.