method

calculate_ip

v3.2.13 - Show latest stable - 0 notes - Class: GetIp

1.0.0
1.1.6
1.2.6
2.0.3
2.1.0
2.2.1
2.3.8
3.0.0
3.0.9
3.1.0
3.2.1 (0)
3.2.8 (0)
3.2.13 (0)
4.0.2 (25)
4.1.8 (0)
4.2.1 (0)
4.2.7 (0)
4.2.9 (0)
5.0.0.1 (0)
5.1.7 (0)
5.2.3 (0)
6.0.0 (0)
6.1.3.1 (0)
6.1.7.7 (0)
7.0.0 (0)
7.1.3.2
7.1.3.4
What's this?

calculate_ip() public

Determines originating IP address. REMOTE_ADDR is the standard but will be wrong if the user is behind a proxy. Proxies will set HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR, so we prioritize those. HTTP_X_FORWARDED_FOR may be a comma-delimited list in the case of multiple chained proxies. The last address which is not a known proxy will be the originating IP.

Show source

# File actionpack/lib/action_dispatch/middleware/remote_ip.rb, line 47
      def calculate_ip
        client_ip     = @env['HTTP_CLIENT_IP']
        forwarded_ips = ips_from('HTTP_X_FORWARDED_FOR')
        remote_addrs  = ips_from('REMOTE_ADDR')

        check_ip = client_ip && @middleware.check_ip
        if check_ip && !forwarded_ips.include?(client_ip)
          # We don't know which came from the proxy, and which from the user
          raise IpSpoofAttackError, "IP spoofing attack?!"              "HTTP_CLIENT_IP=#{@env['HTTP_CLIENT_IP'].inspect}"              "HTTP_X_FORWARDED_FOR=#{@env['HTTP_X_FORWARDED_FOR'].inspect}"
        end

        not_proxy = client_ip || forwarded_ips.last || remote_addrs.first

        # Return first REMOTE_ADDR if there are no other options
        not_proxy || ips_from('REMOTE_ADDR', :allow_proxies).first
      end

calculate_ip

Related methods