REMOTE_ADDR not set on ENV about agoo HOT 13 CLOSED

I’ll look into that later today.

from agoo.

Great, I'll add a few tests more tests and release.

from agoo.

UPDATE: I've double-checked, and authentication actually works on production, because Rack is also trying to fetch the request.ip from the HTTP_X_FORWARDED_FOR, which, as I understand, is provided by nginx or whatever server stays in front of Heroku instance with Agoo and Rails.

Still a problem in the development, or any other environment not providing HTTP_X_FORWARDED_FOR.

from agoo.

I could not find any mention of REMOTE_ADDR in the Rack spec at https://github.com/rack/rack/blob/master/SPEC.rdoc. I have no problem adding something though if it is commonly used. Is there are definition somewhere on the rules for setting the value?

from agoo.

Yes, the rules are defined by the CGI RFC-3875 - https://tools.ietf.org/html/rfc3875#section-4.1.8

from agoo.

Also, here's a good SO response on the matter - https://stackoverflow.com/a/43014286/4812102

from agoo.

Great, thanks. That helps.

from agoo.

Interesting that REMOTE_ADDR does not include the HTTP_ prefix as would be expected from the spec. I don't see any other special cases like that except for some RACK_ prefixed keys. Are you aware of any others that should be added? It also does not appear as if all the RFC 3875 environment variables are needed for the Rack::Request.

from agoo.

Yeah, this seems to be a special case, I am not aware of any other. As for the HTTP_ prefix, it is not very clear from the spec, but it seems it should not be applied to the explicitly listed in the spec variables. And, well, this spec is not a standard, as it is stated at the document start, but just a current practice of CGI.

from agoo.

The 'remote-add' branch has a candidate fix to this issue. Please give it a try.

from agoo.

Great, works like a charm!

from agoo.

Released

from agoo.

Thank you very much, @ohler55 !! 👍

from agoo.