This crate allow you to extract a trusted client ip address, host and port from a http request.
use trusted_proxies::{Config, Trusted};
use http::Request;
fn main() {
let config = Config::new_local();
let mut request = http::Request::get("/").body(()).unwrap();
request.headers_mut().insert(http::header::FORWARDED, "for=1.2.3.4; proto=https; by=myproxy; host=mydomain.com:8080".parse().unwrap());
let socket_ip_addr = core::net::IpAddr::from([127, 0, 0, 1]);
let trusted = Trusted::from(socket_ip_addr, &request, &config);
assert_eq!(trusted.scheme(), Some("https"));
assert_eq!(trusted.host(), Some("mydomain.com"));
assert_eq!(trusted.port(), Some(8080));
assert_eq!(trusted.ip(), core::net::IpAddr::from([1, 2, 3, 4]));
}- Use the
Forwardedheader to extract the client ip address and other informations in priority. - Fall back to the
X-Forwarded-Forheader if theForwardedheader is not present or not trusted. - Can extract information from the
X-Forwarded-Host/X-Forwarded-Proto/X-Forwarded-Byheaders if they are trusted.
This crate try to follow the RFC 7239 specifications but may differ on real world usage.