v2.0.0 - Show latest stable - 0 notes - Class: ActionController::AbstractRequest
remote_ip() public

Determine originating IP address. REMOTE_ADDR is the standard but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR are set by proxies so check for these before falling back to REMOTE_ADDR. HTTP_X_FORWARDED_FOR may be a comma- delimited list in the case of multiple chained proxies; the first is the originating IP.

Security note: do not use if IP spoofing is a concern for your application. Since remote_ip checks HTTP headers for addresses forwarded by proxies, the client may send any IP. remote_addr can’t be spoofed but also doesn’t work behind a proxy, since it’s always the proxy’s IP.

Show source
Register or log in to add new notes.