Class: Rack::Protection::IPSpoofing

Inherits:

Base

Object
Base
Rack::Protection::IPSpoofing

show all

Defined in:: lib/rack/protection/ip_spoofing.rb

Overview

Prevented attack: IP spoofing
Supported browsers: all
More infos: blog.c22.cc/2011/04/22/surveymonkey-ip-spoofing/

Detect (some) IP spoofing attacks.

Constant Summary

Constants inherited from Base

Base::DEFAULT_OPTIONS

Instance Attribute Summary

Attributes inherited from Base

#app, #options

Instance Method Summary collapse

#accepts?(env) ⇒ Boolean

Methods inherited from Base

#call, #default_options, default_options, default_reaction, #deny, #drop_session, #encrypt, #initialize, #random_string, #react, #referrer, #safe?, #session, #session?, #warn

Constructor Details

This class inherits a constructor from Rack::Protection::Base

Instance Method Details

#accepts?(env) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/rack/protection/ip_spoofing.rb', line 14

def accepts?(env)
  return true unless env.include? 'HTTP_X_FORWARDED_FOR'
  ips = env['HTTP_X_FORWARDED_FOR'].split(/\s*,\s*/)
  return false if env.include? 'HTTP_CLIENT_IP' and not ips.include? env['HTTP_CLIENT_IP']
  return false if env.include? 'HTTP_X_REAL_IP' and not ips.include? env['HTTP_X_REAL_IP']
  true
end

Class: Rack::Protection::IPSpoofing

Overview

Constant Summary

Constants inherited from Base

Instance Attribute Summary

Attributes inherited from Base

Instance Method Summary collapse

Methods inherited from Base

Constructor Details

Instance Method Details

#accepts?(env) ⇒ Boolean

#accepts?(env) ⇒ `Boolean`