#[non_exhaustive]pub struct ClientIp {
pub ip: IpAddr,
}Expand description
Resolved client IP of the current request.
Inserted as a request extension on every request served by serve,
right after PeerAddr. Equals the direct peer’s IP unless
trusted-forwarder mode is active
(McpServerConfig::with_trusted_proxies) and the request arrived
through a trusted proxy with a verifiable forwarding chain — in that
case it is the rightmost-untrusted address from X-Forwarded-For
(or RFC 7239 Forwarded, per
McpServerConfig::with_forwarded_header).
All built-in per-IP rate limiters key by this value. PeerAddr
keeps its direct-socket-peer contract unchanged; applications that
need provenance can compare ClientIp.ip with PeerAddr.addr.ip().
§Security
Resolution only ever activates when the direct peer is inside the operator’s trusted-proxy CIDRs; every ambiguous chain (malformed or obfuscated entries, all-trusted chains, header bombs) falls back to the direct peer, never to a header value. The framework never logs this value outside rate-limit deny paths.
Fields (Non-exhaustive)§
This struct is marked as non-exhaustive
Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.ip: IpAddrResolved client IP (direct peer unless trusted-forwarder resolution applied).