Methods
C
I
N
T
Class Public methods
new(env, middleware)

Source: show | on GitHub 

# File actionpack/lib/action_dispatch/middleware/remote_ip.rb, line 35
def initialize(env, middleware)
  @env          = env
  @middleware   = middleware
  @calculated_ip = false
end
Instance Public methods
calculate_ip()

Determines originating IP address. REMOTE_ADDR is the standard but will be wrong if the user is behind a proxy. Proxies will set HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR, so we prioritize those. HTTP_X_FORWARDED_FOR may be a comma-delimited list in the case of multiple chained proxies. The last address which is not a known proxy will be the originating IP.

Source: show | on GitHub 

# File actionpack/lib/action_dispatch/middleware/remote_ip.rb, line 47
def calculate_ip
  client_ip     = @env['HTTP_CLIENT_IP']
  forwarded_ips = ips_from('HTTP_X_FORWARDED_FOR')
  remote_addrs  = ips_from('REMOTE_ADDR')

  check_ip = client_ip && @middleware.check_ip
  if check_ip && !forwarded_ips.include?(client_ip)
    # We don't know which came from the proxy, and which from the user
    raise IpSpoofAttackError, "IP spoofing attack?!"              "HTTP_CLIENT_IP=#{@env['HTTP_CLIENT_IP'].inspect}"              "HTTP_X_FORWARDED_FOR=#{@env['HTTP_X_FORWARDED_FOR'].inspect}"
  end

  not_proxy = client_ip || forwarded_ips.last || remote_addrs.first

  # Return first REMOTE_ADDR if there are no other options
  not_proxy || ips_from('REMOTE_ADDR', :allow_proxies).first
end
to_s()

Source: show | on GitHub 

# File actionpack/lib/action_dispatch/middleware/remote_ip.rb, line 66
def to_s
  return @ip if @calculated_ip
  @calculated_ip = true
  @ip = calculate_ip
end
Instance Protected methods
ips_from(header, allow_proxies = false)

Source: show | on GitHub 

# File actionpack/lib/action_dispatch/middleware/remote_ip.rb, line 74
def ips_from(header, allow_proxies = false)
  ips = @env[header] ? @env[header].strip.split(%r[,\s]+/) : []
  allow_proxies ? ips : ips.reject{|ip| ip =~ @middleware.proxies }
end