method

remote_ip

v2.0.1 - Show latest stable - 0 notes - Class: ActionController::AbstractRequest

1.0.0 (0)
1.1.0 (0)
1.1.1 (0)
1.1.6 (0)
1.2.0 (0)
1.2.6 (0)
2.0.0 (28)
2.0.1 (0)
2.0.3 (-26)
2.1.0 (0)
2.2.1 (0)
2.3.2
2.3.8
3.0.0
3.0.5
3.0.7
3.0.9
3.1.0
3.2.1
3.2.3
3.2.8
3.2.13
What's this?

remote_ip() public

Determine originating IP address. REMOTE_ADDR is the standard but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR are set by proxies so check for these before falling back to REMOTE_ADDR. HTTP_X_FORWARDED_FOR may be a comma- delimited list in the case of multiple chained proxies; the first is the originating IP.

Security note: do not use if IP spoofing is a concern for your application. Since remote_ip checks HTTP headers for addresses forwarded by proxies, the client may send any IP. remote_addr can’t be spoofed but also doesn’t work behind a proxy, since it’s always the proxy’s IP.

Show source

# File actionpack/lib/action_controller/request.rb, line 136
    def remote_ip
      return @env['HTTP_CLIENT_IP'] if @env.include? 'HTTP_CLIENT_IP'

      if @env.include? 'HTTP_X_FORWARDED_FOR' then
        remote_ips = @env['HTTP_X_FORWARDED_FOR'].split(',').reject do |ip|
          ip.strip =~ /^unknown$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i
        end

        return remote_ips.first.strip unless remote_ips.empty?
      end

      @env['REMOTE_ADDR']
    end

remote_ip

Related methods

Flowdock - Team Inbox With Chat