I faced exactly the same issue last week when trying to figure out the correct Vagrant client ip for testing purposes.
Since I later decided upon a better strategy for my case which didn't rely on the client ip but an extra param instead, I didn't go further to understand why I was not getting the proper id as after reading the code it seemed I was using a trusted ip for the proxy server... I wasn't aware of the ip method from Rack though... But now that you mentioned the IP range 10.x maybe this would explain the weird behavior I got. I think this is the range used in the host for private networks with Vagrant / VirtualBox... Em 19/05/2014 14:17, "Aaron Suggs" <[email protected]> escreveu: > > > On Monday, May 19, 2014 10:19:50 AM UTC-4, Sergio Campamá wrote: >> >> I don't know very well, but isn't ip meant to be for example the nginx >> instance that proxied the request and remote_ip the client? > > > Nope. Rack::Request#ip is more complicated than env['REMOTE_ADDR'] (which > would be the ip address on the other end of the TCP socket, i.e., the nginx > server). Rack::Request#ip tries to figure out the "true" client IP by > examining env['HTTP_CLIENT_IP'] and env['HTTP_X_FORWARDED_FOR'] headers. > Rails's `remote_ip` does the same thing, except it's more strict/secure > about what it considers trusted proxy IPs. > > My suggested solution is to move Rails' extra strictness to the > Rack::Request#ip method. That way `request.remote_ip` and `request.ip` > would return the same value. > > >> Are you >> proxing behind something or direct facing the web? If it's direct, >> then the values should be the same (from what I think should be, >> haven't read the code) >> > > I'm proxying. Indeed, if the ruby web server were directly connected to > clients, `remote_ip` and `ip` would be the same. The problematic edge case > is when you use a proxy server that's not in Rails' list of trusted proxies > (i.e., private IP address, like `10.*`). > > -Aaron Suggs > > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Core" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/rubyonrails-core. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/rubyonrails-core. For more options, visit https://groups.google.com/d/optout.
