| Commit message | Author | Age | Files | Lines |
| |
There is a bug in trusted proxies: https://github.com/rails/rails/issues/5223
This commit adds a monkey patch to fix the bug.
Example of errors:
```
1) trusted_proxies with default config preserves private IPs
Failure/Error: expect(request.ip).to eq('10.1.5.89')
expected: "10.1.5.89"
got: nil
(compared using ==)
# ./spec/initializers/trusted_proxies_spec.rb:12:in `block (3 levels) in <top (required)>'
2) trusted_proxies with default config filters out localhost
Failure/Error: expect(request.ip).to eq('10.1.5.89')
expected: "10.1.5.89"
got: "1.1.1.1"
(compared using ==)
# ./spec/initializers/trusted_proxies_spec.rb:18:in `block (3 levels) in <top (required)>'
```
|
Certain reverse proxies can send invalid IP addresses in the X-Forwarded-For header.
For example, Apache can send (null).
Closes #20194
|
This allows us to control the trusted proxies while deployed in a private network. Normally Rack::Request will trust all private IPs as trusted proxies, which can cause problems if your users are connecting on your network via private IP ranges.
Normally in a Rails app this is handled by action_dispatch request, but rack_attack is specifically using the Rack::Request object instead.
|
Without this setting your own trusted_proxies does not work.
|
other trusted proxies to be configured.
|