Lib.rs

Network programming
#proxies #trusted #request #trusted-proxies

trusted-proxies

A rust crate to extract http request information behind trusted proxies

Owned by Joel Wurtz.

3 releases (breaking)

0.3.0 Jan 16, 2025
0.2.0 Jan 9, 2025
0.1.0 Jan 8, 2025

#849 in Network programming

Download history 278/week @ 2025-01-08 131/week @ 2025-01-15 8/week @ 2025-02-05 16/week @ 2025-02-12 8/week @ 2025-02-26 1/week @ 2025-03-05 13/week @ 2025-03-19 15/week @ 2025-03-26 30/week @ 2025-04-02 12/week @ 2025-04-09

70 downloads per month

MIT license

42KB
708 lines

Trusted proxies

This crate allow you to extract a trusted client ip address, host and port from a http request.

Usage

use trusted_proxies::{Config, Trusted};
use http::Request;

fn main() {
    let config = Config::new_local();
    let mut request = http::Request::get("/").body(()).unwrap();
    request.headers_mut().insert(http::header::FORWARDED, "for=1.2.3.4; proto=https; by=myproxy; host=mydomain.com:8080".parse().unwrap());
    let socket_ip_addr = core::net::IpAddr::from([127, 0, 0, 1]);

    let trusted = Trusted::from(socket_ip_addr, &request, &config);

    assert_eq!(trusted.scheme(), Some("https"));
    assert_eq!(trusted.host(), Some("mydomain.com"));
    assert_eq!(trusted.port(), Some(8080));
    assert_eq!(trusted.ip(), core::net::IpAddr::from([1, 2, 3, 4]));
}

Features

  • Use the Forwarded header to extract the client ip address and other informations in priority.
  • Fall back to the X-Forwarded-For header if the Forwarded header is not present or not trusted.
  • Can extract information from the X-Forwarded-Host / X-Forwarded-Proto / X-Forwarded-By headers if they are trusted.

Implementation

This crate try to follow the RFC 7239 specifications but may differ on real world usage.

Dependencies

~770KB
~12K SLoC