New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
request.remote_ip
appears to return the wrong IP address
#7979
Comments
We incorrectly were using the first address, rather than the last one. Added config option for X_FORWARDED_FOR header We don't need to filter values from X_FORWARDED_FOR header. Client IP can be only first IP in list by specification and only last for ruby servers and Apache. We should return nil if it's proxy IP or invalid IP instead of client IP. Fixes rails#7979
This is still an issue. From stack overflow posts: https://stackoverflow.com/questions/5636032/request-remote-ip-returns-wrong-ip All of these questions point to using
Is there any possibility to fix this in a future release? |
Please check if this can help. Modify/override remote_ip. |
Looks like #24521 is to fix this issue? Will any of you be willing to move that PR forward? |
The last commit to the remote IP middleware appears to have deliberately reversed the algorithm that picks the remote IP out of a list of proxies. Unfortunately, the previous algorithm (which I wrote, and used in production with a few hundred thousand clients :P) is the one that agrees with the written spec for how X-Forwarded-For is supposed to work.
tl;dr plz to revert that part of the commit, I would like to be able to upgrade Rails and still have
remote_ip
return the right IP address.The text was updated successfully, but these errors were encountered: