Add cloudflare? method to determine if request passed through CF (#149)
* Add cloudflare? method to determine if request passed through CF

  The `request.cloudflare?` method can be used in a Rack::Attack blocklist rule to block traffic that hasn't passed through CloudFlare. For instance:

  ```ruby
  Rack::Attack.blocklist('CloudFlare WAF bypass') do |req|
    !req.cloudflare?
  end
  ```

  Note that the request may optionally pass through additional trusted proxies, so it will return true for any of these scenarios:

  * `REMOTE_ADDR` = CloudFlare
  * `REMOTE_ADDR` = *trusted_proxy*, `X_HTTP_FORWARDED_FOR` = CloudFlare,...
  * `REMOTE_ADDR` = *trusted_proxy*, `X_HTTP_FORWARDED_FOR` = *trusted_proxy2*,CloudFlare,...

  but it will return false if CloudFlare comes after the trusted prefix of `X-Forwarded-For`.

* Address Rubocop warnings
* Break up tests to only have one expectation per spec
* Reduce line lengths
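The hop-order rule from the commit message, as an added example that is not the gem's own code: it assumes the hop lists above are written nearest hop first, so `X-Forwarded-For` is read right to left after `REMOTE_ADDR`. The method name `passed_through_cloudflare?`, the constants and the address ranges are hypothetical and constructed for illustration.

```ruby
require 'ipaddr'

# Constructed stand-in ranges (documentation/private space), NOT real Cloudflare ranges.
CLOUDFLARE_RANGES = [IPAddr.new('198.51.100.0/24')].freeze # assumption: loaded from Cloudflare's list
TRUSTED_PROXIES   = [IPAddr.new('10.0.0.0/8')].freeze      # assumption: your own load balancers

def in_ranges?(ranges, ip)
  return false if ip.nil? || ip.strip.empty?

  addr = IPAddr.new(ip.strip)
  ranges.any? { |range| range.include?(addr) }
rescue IPAddr::Error
  false # an unparseable hop is never trusted
end

# Hops nearest-first: the socket peer, then X-Forwarded-For read right to left,
# because each proxy appends the address it received the request from.
def hops_nearest_first(env)
  xff = env['HTTP_X_FORWARDED_FOR'].to_s.split(',').map(&:strip).reject(&:empty?)
  [env['REMOTE_ADDR'].to_s] + xff.reverse
end

# True only when the first hop beyond our own trusted proxies is a Cloudflare address.
# A Cloudflare address further out proves nothing, since the untrusted hop in
# front of it supplied that part of the header.
def passed_through_cloudflare?(env)
  first_external = hops_nearest_first(env).find { |ip| !in_ranges?(TRUSTED_PROXIES, ip) }
  !first_external.nil? && in_ranges?(CLOUDFLARE_RANGES, first_external)
end

# Constructed Rack env samples covering the scenarios listed in the commit message.
SAMPLES = {
  direct_cf: { 'REMOTE_ADDR' => '198.51.100.7' },
  cf_then_proxy: { 'REMOTE_ADDR' => '10.0.0.5',
                   'HTTP_X_FORWARDED_FOR' => '203.0.113.9, 198.51.100.7' },
  cf_then_two_proxies: { 'REMOTE_ADDR' => '10.0.0.5',
                         'HTTP_X_FORWARDED_FOR' => '203.0.113.9, 198.51.100.7, 10.0.0.6' },
  cf_after_untrusted_hop: { 'REMOTE_ADDR' => '10.0.0.5',
                            'HTTP_X_FORWARDED_FOR' => '198.51.100.7, 203.0.113.9' },
  direct_to_origin: { 'REMOTE_ADDR' => '203.0.113.9',
                      'HTTP_X_FORWARDED_FOR' => '198.51.100.7' }
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |name, env| puts format('%-24s %s', name, passed_through_cloudflare?(env)) }
end
```

The last two samples are the cases a blocklist rule exists to catch: a Cloudflare address appears in the header, but the hop that actually reached the trusted proxy or the origin is not Cloudflare.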
Showing 2 changed files with 64 additions and 3 deletions.