RubygemsResearch

Sha256: d1602649cde93035d6a2736ea01ccd80553b30720faa9ff914bde55824e59401

Contents?: true

Size: 705 Bytes

Versions: 178

Compression:

Stored size: 705 Bytes

require 'rack/protection'

module Rack
  module Protection
    ##
    # Prevented attack::   IP spoofing
    # Supported browsers:: all
    # More infos::         http://blog.c22.cc/2011/04/22/surveymonkey-ip-spoofing/
    #
    # Detect (some) IP spoofing attacks.
    class IPSpoofing < Base
      default_reaction :deny

      def accepts?(env)
        return true unless env.include? 'HTTP_X_FORWARDED_FOR'
        ips = env['HTTP_X_FORWARDED_FOR'].split(/\s*,\s*/)
        return false if env.include? 'HTTP_CLIENT_IP' and not ips.include? env['HTTP_CLIENT_IP']
        return false if env.include? 'HTTP_X_REAL_IP' and not ips.include? env['HTTP_X_REAL_IP']
        true
      end
    end
  end
end

Version data entries

178 entries across 169 versions & 27 rubygems

Version	Path
rack-protection-2.2.2	lib/rack/protection/ip_spoofing.rb
rack-protection-2.2.1	lib/rack/protection/ip_spoofing.rb
devcycle-ruby-server-sdk-1.1.0	examples/sinatra/vendor/bundle/ruby/2.6.0/gems/rack-protection-2.1.0/lib/rack/protection/ip_spoofing.rb
devcycle-ruby-server-sdk-1.1.0	examples/sinatra/vendor/bundle/ruby/3.1.0/gems/rack-protection-2.1.0/lib/rack/protection/ip_spoofing.rb
devcycle-ruby-server-sdk-1.1.0	examples/sinatra/vendor/bundle/ruby/3.0.0/gems/rack-protection-2.1.0/lib/rack/protection/ip_spoofing.rb
devcycle-ruby-server-sdk-1.1.0	examples/sinatra/vendor/bundle/ruby/2.6.0/gems/rack-protection-2.2.0/lib/rack/protection/ip_spoofing.rb
rack-protection-2.2.0	lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.2.1.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.2.0	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.2.0.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.26.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.25.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.24.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.23.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.22.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.21.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.20.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.19.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.18.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb
logstash-output-scalyr-0.1.17.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/lib/rack/protection/ip_spoofing.rb