Sha256: 721a35afb7c28c46ac7c1eb78ab96d6ea1030bc118e7bd90e3128b5abba93de7
Contents?: true
Size: 1017 Bytes
Versions: 11
Compression:
Stored size: 1017 Bytes
Contents
# frozen_string_literal: true
module WebConsole
class Request < ActionDispatch::Request
cattr_accessor :permissions, default: Permissions.new
def permitted?
permissions.include?(strict_remote_ip)
end
def strict_remote_ip
GetSecureIp.new(self, permissions).to_s
rescue ActionDispatch::RemoteIp::IpSpoofAttackError
"[Spoofed]"
end
private
class GetSecureIp < ActionDispatch::RemoteIp::GetIp
def initialize(req, proxies)
# After rails/rails@07b2ff0 ActionDispatch::RemoteIp::GetIp initializes
# with a ActionDispatch::Request object instead of plain Rack
# environment hash. Keep both @req and @env here, so we don't if/else
# on Rails versions.
@req = req
@env = req.env
@check_ip = true
@proxies = proxies
end
def filter_proxies(ips)
ips.reject do |ip|
@proxies.include?(ip)
end
end
end
end
end
Version data entries
11 entries across 11 versions & 3 rubygems