This is fine for
local development, but it is insecure if you have a development server open to the
public Internet. The consider_all_requests_local directive is disabled by default in
production mode.
You can override the default local_request? function in your ApplicationController
if you have more complicated rules regarding what constitutes a local request (such
as addresses on the public Internet from which you develop):
    class ApplicationController < ActionController::Base
      # Public addresses from which development happens; any other client is
      # treated as remote and gets the generic error page, not the debug page.
      LOCAL_ADDRS = %w(123.45.67.89 98.76.54.32)

      def local_request?
        LOCAL_ADDRS.include? request.remote_ip
      end
    end
In any case, try triggering some exceptions on your public servers with a temporary
action like this one:
    class UserController < ApplicationController
      # Temporary action: request it once from a non-local address to confirm
      # the client sees only the generic 500 page, then remove it.
      def blam
        raise "If you can read this, your server is misconfigured!"
      end
    end
Web Issues | 137
This exception should be caught and logged to the Rails development log, but the
client should only see a nice “500 Internal Server Error” page.
Whitelist, Don't Blacklist
A general principle of network security is that whitelists (lists of what to allow) are
more secure than blacklists (lists of what to block). This principle descends from a
default-deny, or fail-secure, stance. Whitelists err on the side of caution, assuming
malice when presented with something they don't understand.
Zed Shaw, creator of the Mongrel web server, is a vocal proponent of this philosophy.
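The local_request? override above is itself a whitelist, and the principle is easiest to see by writing the same decision both ways. The following is an added example, not code from the book or from Rails: a deny-list version that treats every client as local unless it falls in a range someone already flagged as external, next to an allow-list version that treats only listed developer addresses as local. The address lists are constructed from the RFC 5737 documentation ranges, and the helper names (parse_ip, compare) are this example's own.

```ruby
require "ipaddr"

# Added example, not from the book: the "is this a local request?" decision
# written as a deny list and as an allow list, with constructed addresses.

def parse_ip(str)
  IPAddr.new(str)
rescue IPAddr::InvalidAddressError, ArgumentError
  nil
end

# Deny list: every address is local unless it falls in a range somebody
# already identified as external. New or unparsable input is waved through.
KNOWN_EXTERNAL = %w(203.0.113.0/24).map { |r| IPAddr.new(r) }

def local_request_denylist?(remote_ip)
  ip = parse_ip(remote_ip)
  return true if ip.nil? # nothing to match against, so nothing blocks it
  KNOWN_EXTERNAL.none? { |range| range.family == ip.family && range.include?(ip) }
end

# Allow list: only addresses a developer explicitly listed are local.
# Anything else, including unparsable input, is treated as public.
LOCAL_ADDRS = %w(127.0.0.1 192.0.2.10).map { |a| IPAddr.new(a) }

def local_request_allowlist?(remote_ip)
  ip = parse_ip(remote_ip)
  return false if ip.nil?
  LOCAL_ADDRS.any? { |addr| addr.family == ip.family && addr.include?(ip) }
end

# Evaluate both policies for one client address so the difference is visible.
def compare(remote_ip)
  { denylist: local_request_denylist?(remote_ip),
    allowlist: local_request_allowlist?(remote_ip) }
end

if __FILE__ == $0
  # 198.51.100.42 is an address nobody anticipated: the deny list lets it see
  # full exception detail, the allow list does not.
  %w(127.0.0.1 203.0.113.7 198.51.100.42 not-an-address).each do |ip|
    puts "#{ip.ljust(16)} #{compare(ip)}"
  end
end
```

The two lists disagree exactly where it matters: an address that was never considered, or input that does not parse at all, is "local" under the deny list and "public" under the allow list. That is the default-deny stance the section describes, and it is why the LOCAL_ADDRS override above lists addresses to trust rather than addresses to block.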