From 38cff18af0ed48bcd5916b6b6bb6ceeb9ab062fd Mon Sep 17 00:00:00 2001
From: DJ Mountney <david@twkie.net>
Date: Fri, 1 Apr 2016 15:04:03 -0700
Subject: [PATCH] Adjust the default trusted_proxies to only include localhost,
 and allow other trusted proxies to be configured.

---
 config/initializers/1_settings.rb      | 1 +
 config/initializers/trusted_proxies.rb | 2 ++
 2 files changed, 3 insertions(+)
 create mode 100644 config/initializers/trusted_proxies.rb

diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 72c4d8d61ce..2167da306f2 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -190,6 +190,7 @@ Settings.gitlab.default_projects_features['visibility_level']    = Settings.send
 Settings.gitlab['repository_downloads_path'] = File.join(Settings.shared['path'], 'cache/archive') if Settings.gitlab['repository_downloads_path'].nil?
 Settings.gitlab['restricted_signup_domains'] ||= []
 Settings.gitlab['import_sources'] ||= ['github','bitbucket','gitlab','gitorious','google_code','fogbugz','git']
+Settings.gitlab['trusted_proxies'] ||= []
 
 
 #
diff --git a/config/initializers/trusted_proxies.rb b/config/initializers/trusted_proxies.rb
new file mode 100644
index 00000000000..b8cc025bae2
--- /dev/null
+++ b/config/initializers/trusted_proxies.rb
@@ -0,0 +1,2 @@
+Rails.application.config.action_dispatch.trusted_proxies =
+  [ '127.0.0.1', '::1' ] + Array(Gitlab.config.gitlab.trusted_proxies)
-- 
GitLab