From 3cf05b911ec58eeda79a5040e686896cc30d5640 Mon Sep 17 00:00:00 2001 From: Will Bryant Date: Fri, 21 Feb 2025 22:48:27 +1300 Subject: [PATCH] Cache the results of #cloudfront_proxies and #trusted_proxies These were being regenerated each call, which takes several ms. Freeze the results of these methods and #ip_ranges to ensure they don't get accidentally modified by callers. railtie was doing this, inadvertently, so use normal array addition there. --- lib/action_pack/cloudfront/ip_ranges.rb | 6 +++--- lib/action_pack/cloudfront/railtie.rb | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/action_pack/cloudfront/ip_ranges.rb b/lib/action_pack/cloudfront/ip_ranges.rb index d9bb1a7..d36413a 100644 --- a/lib/action_pack/cloudfront/ip_ranges.rb +++ b/lib/action_pack/cloudfront/ip_ranges.rb @@ -21,11 +21,11 @@ def ipaddr end def trusted_proxies - cloudfront_proxies + ActionDispatch::RemoteIp::TRUSTED_PROXIES + @trusted_proxies ||= (cloudfront_proxies + ActionDispatch::RemoteIp::TRUSTED_PROXIES).freeze end def cloudfront_proxies - ip_ranges.select(&:cloudfront?).map(&:ipaddr) + @cloudfront_proxies ||= (ip_ranges.select(&:cloudfront?).map(&:ipaddr)).freeze end def ip_ranges @@ -35,7 +35,7 @@ def ip_ranges prefixesv6 = data['ipv6_prefixes'] (prefixes + prefixesv6).map do |attrs| Range.new(attrs) - end + end.freeze end end diff --git a/lib/action_pack/cloudfront/railtie.rb b/lib/action_pack/cloudfront/railtie.rb index bba276b..87b13a6 100644 --- a/lib/action_pack/cloudfront/railtie.rb +++ b/lib/action_pack/cloudfront/railtie.rb @@ -12,7 +12,7 @@ class Railtie < ::Rails::Railtie trusted_proxies = ActionPack::Cloudfront::IpRanges.trusted_proxies existing_proxies = Array(app.config.action_dispatch.trusted_proxies) - app.config.action_dispatch.trusted_proxies = trusted_proxies.concat(existing_proxies).uniq + app.config.action_dispatch.trusted_proxies = (trusted_proxies + existing_proxies).uniq end end