On Monday, May 19, 2014 10:19:50 AM UTC-4, Sergio Campamá wrote: > > I don't know very well, but isn't ip meant to be for example the nginx > instance that proxied the request and remote_ip the client?
Nope. Rack::Request#ip is more complicated than env['REMOTE_ADDR'] (which would be the ip address on the other end of the TCP socket, i.e., the nginx server). Rack::Request#ip tries to figure out the "true" client IP by examining env['HTTP_CLIENT_IP'] and env['HTTP_X_FORWARDED_FOR'] headers. Rails's `remote_ip` does the same thing, except it's more strict/secure about what it considers trusted proxy IPs. My suggested solution is to move Rails' extra strictness to the Rack::Request#ip method. That way `request.remote_ip` and `request.ip` would return the same value. > Are you > proxing behind something or direct facing the web? If it's direct, > then the values should be the same (from what I think should be, > haven't read the code) > I'm proxying. Indeed, if the ruby web server were directly connected to clients, `remote_ip` and `ip` would be the same. The problematic edge case is when you use a proxy server that's not in Rails' list of trusted proxies (i.e., private IP address, like `10.*`). -Aaron Suggs -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/rubyonrails-core. For more options, visit https://groups.google.com/d/optout.
