rack-cloudflare 1.0.4 → 1.0.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9d583c505204a0ac54be1748df8eb4b4e2fa1889366a8065dcc00f70d16d7075
4
- data.tar.gz: '079af617a6d6c75e93992c7d43cc537f025b887f3620c686986473cf069c0131'
3
+ metadata.gz: d4a6cbd7a1396b2daee2e5f0e4ed3bb7a77800255eedb6d162c26b9f00a6f8e7
4
+ data.tar.gz: 1f17b7d667512c429fd0168bb32acb6c7c8b23bae057908ef93920ca94af5b01
5
5
  SHA512:
6
- metadata.gz: b290cd1c7eb02e12d7accd551bf910088f33272c5bf1f7d89dfe382a951a1fc196eed3944769439dd3fe2dff119ac6f6f967185b7d5520e8c7cab06e37c1cc21
7
- data.tar.gz: 6f2a38f93c166ceaabe0dd1089f7ce61ba00e00adb0ec816e4119d980cd21c88204aa4beed10b689b5553e5499c83d13e25ef1b8bfe309434546ebcd5f55f13c
6
+ metadata.gz: 575efb62ae08e5eed7d35112f4fba522aa58beee80314c33789110aa4cddc4fa1755fc60bedc2d3c1851f01567f42219465b3fc16aad0c9148b432034cfae5aa
7
+ data.tar.gz: 5cd9b90a95f4c02af706bb76f573c7fcb178a3ded661775041166b36cfbd60ca958d8829dc14cc87f46fb1e36c9cc3e87f9d0d6951b90cc5d476f4a50b4a2b97
data/README.md CHANGED
@@ -79,6 +79,12 @@ Rack::Cloudflare::Headers.original_remote_addr = 'BACKUP_REMOTE_ADDR'
79
79
  Rack::Cloudflare::Headers.original_forwarded_for = 'BACKUP_FORWARDED_FOR'
80
80
  ```
81
81
 
82
+ You can set the `HTTP_X_FORWARDED_FOR` header to exactly `HTTP_CF_CONNECTING_IP`, which effectively removes proxies.
83
+
84
+ ```ruby
85
+ Rack::Cloudflare::Headers.remove_proxies = true
86
+ ```
87
+
82
88
  See _Toolkits: Rewrite Headers_ for alternative uses.
83
89
 
84
90
  ### Logging
@@ -25,7 +25,7 @@ module Rack
25
25
  ALL.map { |h| const_set h, h.to_s.freeze }.freeze
26
26
 
27
27
  class << self
28
- attr_accessor :backup, :original_remote_addr, :original_forwarded_for
28
+ attr_accessor :backup, :remove_proxies, :original_remote_addr, :original_forwarded_for
29
29
 
30
30
  def trusted?(headers)
31
31
  Headers.new(headers).trusted?
@@ -106,6 +106,9 @@ module Rack
106
106
  # it was present in the original request.
107
107
  # See: https://support.cloudflare.com/hc/en-us/articles/200170986-How-does-Cloudflare-handle-HTTP-Request-headers-
108
108
  headers[HTTP_X_FORWARDED_FOR] = "#{connecting_ip}, #{cloudflare_ip}" if forwarded_for.none?
109
+
110
+ # Avoid getting the wrong IP by removing proxies
111
+ headers[HTTP_X_FORWARDED_FOR] = connecting_ip.to_s if connecting_ip && Headers.remove_proxies
109
112
  end
110
113
  end
111
114
 
@@ -129,6 +132,7 @@ module Rack
129
132
  ### Configure
130
133
 
131
134
  self.backup = true
135
+ self.remove_proxies = false
132
136
  self.original_remote_addr = 'ORIGINAL_REMOTE_ADDR'
133
137
  self.original_forwarded_for = 'ORIGINAL_FORWARDED_FOR'
134
138
  end
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Rack
4
4
  class Cloudflare
5
- VERSION = '1.0.4'
5
+ VERSION = '1.0.5'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-cloudflare
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.4
4
+ version: 1.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Joel Van Horn
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-09-18 00:00:00.000000000 Z
11
+ date: 2018-11-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler