bizside 2.3.7 → 2.3.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e862771bbdfb64ff2afb022531b1250695b8741628eeefbb1e3b04df397cdda
-  data.tar.gz: e1d399959f57b304de4decd054d21d45e9918bdd8f04a6f78f14e6aa53132827
+  metadata.gz: 46b9cdead64c8e2f35b91ed65a21ec4e78331522211421a6e75015a75124bcc1
+  data.tar.gz: e2fc1dd98565f9e20e362b229035f6b5a9b38a2e6c1abad95eb0c58e55493c77
 SHA512:
-  metadata.gz: d047094b8f553a82da8ddc19b76dad83cf53b75241614fa29a52213d14d2cb2c20bf1f889f5b663dbc0c56889b40a65c314fa51f89605bae429c79f18359357f
-  data.tar.gz: e79df9ac71b7c9d7e3bc6df57108fdefadbc9a43bfe5b45181b736880f57c757a3006e9596b336c7418b1fe2e9041467b769de11dfb0b5dd83d4f466a14866c7
+  metadata.gz: 87fc2260a1eaafd7af65e708a6574a3f28fada1673103ba1ab9c0a70f70168eaeacb56bea82be997d92580dc9d2ec4e94327d838625aacf3dcfe89e24d5e8364
+  data.tar.gz: fb05cc1b9a8db6ffc9aa42a676a25424d9625aa1b9156c22197f4af52e0314a280775301b83fb3ef922e79956bc5d23fae0b30bee713d6c67632e6b50de1c7f8

data/lib/bizside/audit_log.rb

@@ -1,15 +1,23 @@
+require 'ipaddr'
 require_relative 'audit/logger'
 
 module Bizside
   class AuditLog
 
     @@ignore_paths = []
+    @@trusted_proxy_cidrs = []
+    @@trusted_proxy_cidr_objects = {}
     @@truncate_length = 8192
 
     def self.ignore_paths
       @@ignore_paths
     end
 
+    # 192.168.0.0/24 といったCIDR表記の文字列を複数指定可能
+    def self.trusted_proxy_cidrs
+      @@trusted_proxy_cidrs
+    end
+
     def self.truncate_length
       @@truncate_length
     end
@@ -25,7 +33,7 @@ module Bizside
     def call(env)
       start = Time.now.strftime('%Y-%m-%dT%H:%M:%S.%3N%z')
       status, headers, response = @app.call(env)
-      stop = Time.now.strftime('%Y-%m-%dT%H:%M:%S.%3N%z')      
+      stop = Time.now.strftime('%Y-%m-%dT%H:%M:%S.%3N%z')
       exception = env[Bizside::ShowExceptions::BIZSIDE_EXCEPTION_ENV_KEY]
 
       if env['BIZSIDE_SUPPRESS_AUDIT']
@@ -82,7 +90,7 @@ module Bizside
         referrer: env['HTTP_REFERER'],
         request_method: env['REQUEST_METHOD'],
         request_uri: env['BIZSIDE_REQUEST_URI'].presence || env['REQUEST_URI'],
-        remote_address: env['REMOTE_ADDR'],
+        remote_address: to_client_ip(env['HTTP_X_FORWARDED_FOR']) || to_client_ip(env['HTTP_CLIENT_IP']) || env['REMOTE_ADDR'],
         status: status,
         started_at: start,
         finished_at: stop,
@@ -180,5 +188,24 @@ module Bizside
       exception.backtrace.join("\n")[0...truncate_length]
     end
 
+    # 信頼のおけるロードバランサーがプロキシーになっている前提で、各HTTPヘッダの最後のIPをクライアントIPとして取得する
+    def to_client_ip(header_value)
+      ips = header_value ? header_value.strip.split(/[,\s]+/) : []
+      ips.reverse.each do |ip|
+        return ip unless proxy?(ip)
+      end
+
+      nil
+    end
+
+    def proxy?(ip)
+      @@trusted_proxy_cidrs.each do |cidr|
+        cidr_obj = @@trusted_proxy_cidr_objects[cidr] ||= IPAddr.new(cidr)
+        return true if cidr_obj.include?(ip)
+      end
+
+      false
+    end
+
   end
 end

data/lib/bizside/version.rb

@@ -1,3 +1,3 @@
 module Bizside
-  VERSION = '2.3.7'
+  VERSION = '2.3.9'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bizside
 version: !ruby/object:Gem::Version
-  version: 2.3.7
+  version: 2.3.9
 platform: ruby
 authors:
 - bizside-developers
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-01-17 00:00:00.000000000 Z
+date: 2024-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -368,7 +368,7 @@ dependencies:
         version: 1.5.0
 description: Bizside is an utilities to assist building web application.
 email:
-- bizside-developers@lab.acs-jp.com
+- bizside-developers@bizside.biz
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -475,7 +475,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.19
+rubygems_version: 3.3.26
 signing_key: 
 specification_version: 4
 summary: Bizside is an utilities for web application.