actionpack-cloudfront_viewer_address
Advanced tools
Calculate the remote IP ( request.remote_ip ) using CloudFront-Viewer-Address.
[!CAUTION] Be sure to configure security groups and other settings so that HTTP requests go through Amazon CloudFront.
Otherwise, theCloudFront-Viewer-Addresswill be freely modified and IP spoofing.
If you use 'Amazon CloudFront' as the Proxy for Rails App, the remote IP ( request.remote_ip ) will be set to the CloudFront IP.
To work around this problem, it was necessary to calculate the remote IP address using a combination of X-Forwarded-For and the 'IP address of a trusted Proxy'.
Like these Gem...
However, CloudFront provides a more concise solution to this problem with CloudFront-Viewer-Address.
This Gem is intended to make this functionality more concise for use in Rails applications.
Before using this Gem, modify your Amazon CloudFront configuration to enable CloudFront-Viewer-Address.
Please refer to the following for details on how to set up.
ActionPack::CloudfrontViewerAddress Gem InstallInstall the gem and add to the application's Gemfile by executing:
$ bundle add actionpack-cloudfront_viewer_address
If bundler is not being used to manage dependencies, install the gem by executing:
$ gem install actionpack-cloudfront_viewer_address
If you are using Rails, omit this as it will be set automatically.
Otherwise, set the middleware as middleware.insert_after ActionDispatch::RemoteIp, ActionPack::CloudfrontViewerAddress::RemoteIp.
request.remote_ipOtherwise, no special processing is required.
The client's IP address can be obtained by referring to request.remote_ip as usual.
This Gem only references the CloudFront-Viewer-Address request header.
The CloudFront-Viewer-Address header is not improved if the request is made to a Rails application via Amazon CloudFront.
However, if the request is made to a Rails application without going through Amazon CloudFront, the CloudFront-Viewer-Address can be freely rewritten and there is a risk of IP spoofing.
Please keep this in mind.
After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and the created tag, and push the .gem file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/tmimura39/actionpack-cloudfront_viewer_address.
The gem is available as open source under the terms of the MIT License.
FAQs
Unknown package
We found that actionpack-cloudfront_viewer_address demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.