class method `self.new`

Ruby on Rails 4.0.13

Since v3.0.20

Available in: v3.0.20 v3.1.12 v3.2.22.5 v4.0.13 v4.1.16 v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2

Compare with:

self.new(app, check_ip_spoofing = true, custom_proxies = nil)

Create a new RemoteIp middleware instance.

The check_ip_spoofing option is on by default. When on, an exception is raised if it looks like the client is trying to lie about its own IP address. It makes sense to turn off this check on sites aimed at non-IP clients (like WAP devices), or behind proxies that set headers in an incorrect or confusing way (like AWS ELB).

The custom_trusted argument can take a regex, which will be used instead of TRUSTED_PROXIES, or a string, which will be used in addition to TRUSTED_PROXIES. Any proxy setup will put the value you want in the middle (or at the beginning) of the X-Forwarded-For list, with your proxy servers after it. If your proxies aren’t removed, pass them in via the custom_trusted parameter. That way, the middleware will ignore those IP addresses, and return the one that you want.

Parameters

app req
check_ip_spoofing opt = true
custom_proxies opt = nil

Source

# File actionpack/lib/action_dispatch/middleware/remote_ip.rb, line 57
    def initialize(app, check_ip_spoofing = true, custom_proxies = nil)
      @app = app
      @check_ip = check_ip_spoofing
      @proxies = case custom_proxies
        when Regexp
          custom_proxies
        when nil
          TRUSTED_PROXIES
        else
          Regexp.union(TRUSTED_PROXIES, custom_proxies)
        end
    end

Defined in actionpack/lib/action_dispatch/middleware/remote_ip.rb line 57 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActionDispatch::RemoteIp

Signature

Parameters