class ActionDispatch::RemoteIp

def initialize(app, ip_spoofing_check = true, custom_proxies = nil)

ignore those IP addresses, and return the one that you want.
them in via the +custom_proxies+ parameter. That way, the middleware will
with your proxy servers after it. If your proxies aren't removed, pass
want in the middle (or at the beginning) of the +X-Forwarded-For+ list,
instead of +TRUSTED_PROXIES+. Any proxy setup will put the value you
The +custom_proxies+ argument can take an enumerable which will be used

incorrect or confusing way (like AWS ELB).
clients (like WAP devices), or behind proxies that set headers in an
address. It makes sense to turn off this check on sites aimed at non-IP
is raised if it looks like the client is trying to lie about its own IP
The +ip_spoofing_check+ option is on by default. When on, an exception

Create a new +RemoteIp+ middleware instance.

def initialize(app, ip_spoofing_check = true, custom_proxies = nil)
  @app = app
  @check_ip = ip_spoofing_check
  @proxies = if custom_proxies.blank?
    TRUSTED_PROXIES
  elsif custom_proxies.respond_to?(:any?)
    custom_proxies
  else
    ActiveSupport::Deprecation.warn(<<~EOM)
      Setting config.action_dispatch.trusted_proxies to a single value has
      been deprecated. Please set this to an enumerable instead. For
      example, instead of:
      config.action_dispatch.trusted_proxies = IPAddr.new("10.0.0.0/8")
      Wrap the value in an Array:
      config.action_dispatch.trusted_proxies = [IPAddr.new("10.0.0.0/8")]
      Note that unlike passing a single argument, passing an enumerable
      will *replace* the default set of trusted proxies.
    EOM
    Array(custom_proxies) + TRUSTED_PROXIES
  end
end

Modules

Classes

class ActionDispatch::RemoteIp

def initialize(app, ip_spoofing_check = true, custom_proxies = nil)

Instance Methods