Contents

require File.expand_path('../spec_helper.rb', __FILE__)

describe Rack::Protection::IPSpoofing do
  it_behaves_like "any rack application"

  it 'accepts requests without X-Forward-For header' do
    get('/', {}, 'HTTP_CLIENT_IP' => '1.2.3.4', 'HTTP_X_REAL_IP' => '4.3.2.1')
    last_response.should be_ok
  end

  it 'accepts requests with proper X-Forward-For header' do
    get('/', {}, 'HTTP_CLIENT_IP' => '1.2.3.4',
      'HTTP_X_FORWARDED_FOR' => '192.168.1.20, 1.2.3.4, 127.0.0.1')
    last_response.should be_ok
  end

  it 'denies requests where the client spoofs X-Forward-For but not the IP' do
    get('/', {}, 'HTTP_CLIENT_IP' => '1.2.3.4', 'HTTP_X_FORWARDED_FOR' => '1.2.3.5')
    last_response.should_not be_ok
  end

  it 'denies requests where the client spoofs the IP but not X-Forward-For' do
    get('/', {}, 'HTTP_CLIENT_IP' => '1.2.3.5',
      'HTTP_X_FORWARDED_FOR' => '192.168.1.20, 1.2.3.4, 127.0.0.1')
    last_response.should_not be_ok
  end

  it 'denies requests where IP and X-Forward-For are spoofed but not X-Real-IP' do
    get('/', {},
      'HTTP_CLIENT_IP'       => '1.2.3.5',
      'HTTP_X_FORWARDED_FOR' => '1.2.3.5',
      'HTTP_X_REAL_IP'       => '1.2.3.4')
    last_response.should_not be_ok
  end
end

Version data entries

139 entries across 134 versions & 23 rubygems

Version	Path
logstash-output-scalyr-0.2.1.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.2.0	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.2.0.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.26.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.25.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.24.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.23.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.22.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.21.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.20.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.19.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.18.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.17.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.16.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.15.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.14.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.13	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.12	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.11.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb
logstash-output-scalyr-0.1.10.beta	vendor/bundle/jruby/2.5.0/gems/rack-protection-1.5.5/spec/ip_spoofing_spec.rb