class method
self.new
Ruby on Rails 7.1.6
Since v3.0.20Signature
self.new(app, ip_spoofing_check = true, custom_proxies = nil)Create a new RemoteIp middleware instance.
The ip_spoofing_check option is on by default. When on, an exception is raised if it looks like the client is trying to lie about its own IP address. It makes sense to turn off this check on sites aimed at non-IP clients (like WAP devices), or behind proxies that set headers in an incorrect or confusing way (like AWS ELB).
The custom_proxies argument can take an enumerable which will be used instead of TRUSTED_PROXIES. Any proxy setup will put the value you want in the middle (or at the beginning) of the X-Forwarded-For list, with your proxy servers after it. If your proxies aren’t removed, pass them in via the custom_proxies parameter. That way, the middleware will ignore those IP addresses, and return the one that you want.
Parameters
-
appreq -
ip_spoofing_checkopt = true -
custom_proxiesopt = nil
Source
# File actionpack/lib/action_dispatch/middleware/remote_ip.rb, line 61
def initialize(app, ip_spoofing_check = true, custom_proxies = nil)
@app = app
@check_ip = ip_spoofing_check
@proxies = if custom_proxies.blank?
TRUSTED_PROXIES
elsif custom_proxies.respond_to?(:any?)
custom_proxies
else
raise(ArgumentError, <<~EOM)
Setting config.action_dispatch.trusted_proxies to a single value isn't
supported. Please set this to an enumerable instead. For
example, instead of:
config.action_dispatch.trusted_proxies = IPAddr.new("10.0.0.0/8")
Wrap the value in an Array:
config.action_dispatch.trusted_proxies = [IPAddr.new("10.0.0.0/8")]
Note that passing an enumerable will *replace* the default set of trusted proxies.
EOM
end
end
Defined in actionpack/lib/action_dispatch/middleware/remote_ip.rb line 61
· View on GitHub
· Improve this page
· Find usages on GitHub
Defined in ActionDispatch::RemoteIp