trusted_proxies

Struct Config

Source 
pub struct Config { /* private fields */ }
Expand description

Config for trusted proxies extractor

By default, it trusts the following:

  • IPV4 Loopback
  • IPV4 Private Networks
  • IPV6 Loopback
  • IPV6 Private Networks

It also trusts the Forwarded and X-Forwarded-For header by default.

§Example

use trusted_proxies::Config;

let mut config = Config::new_local();
config.add_trusted_ip("168.10.0.0/16").unwrap();
config.trust_x_forwarded_host();

Implementations§

Source§

impl Config

Source

pub fn new() -> Self

Create a new TrustedProxies instance with no trusted proxies or headers

Source

pub fn new_local() -> Self

Create a new TrustedProxies instance with local and private networks ip trusted and FORWARDED / X-Forwarded-For headers trusted

Source

pub fn add_trusted_ip(&mut self, proxy: &str) -> Result<(), AddrParseError>

Add a trusted proxy to the list of trusted proxies

proxy can be an IP address or a CIDR

Source

pub fn is_ip_trusted(&self, remote_addr: &IpAddr) -> bool

Check if a remote address is trusted given the list of trusted proxies

Source

pub fn trust_forwarded(&mut self)

Trust the Forwarded header

Source

pub fn trust_x_forwarded_for(&mut self)

Trust the X-Forwarded-For header

Source

pub fn trust_x_forwarded_host(&mut self)

Trust the X-Forwarded-Host header to fetch the host and optionally the port

It is not recommended to trust this header as it can be easily spoofed, however you can trust it if you are behind a reverse proxy that always sets this header.

If there is multiple values in the header, the last one is used, even if there is multiple proxies in the chain.

If you need to get the original value with multiple proxies in the chain, you can use the Forwarded header that allows to do that in a secure way. See RFC7239 for more information.

Source

pub fn trust_x_forwarded_proto(&mut self)

Trust the X-Forwarded-Proto header to fetch the scheme

It is not recommended to trust this header as it can be easily spoofed, however you can trust it if you are behind a reverse proxy that always sets this header.

If there is multiple values in the header, the last one is used, even if there is multiple proxies in the chain.

If you need to get the original value with multiple proxies in the chain, you can use the Forwarded header that allows to do that in a secure way. See RFC7239 for more information.

Source

pub fn trust_x_forwarded_by(&mut self)

Trust the X-Forwarded-By header to identify the proxy that sent the request

It is not recommended to trust this header as it can be easily spoofed, however you can trust it if you are behind a reverse proxy that always sets this header.

If there is multiple values in the header, the last one is used, even if there is multiple proxies in the chain.

If you need to get the original value with multiple proxies in the chain, you can use the Forwarded header that allows to do that in a secure way. See RFC7239 for more information.

Trait Implementations§

Source§

impl Clone for Config

Source§

fn clone(&self) -> Config

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Config

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for Config

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl Freeze for Config

§

impl RefUnwindSafe for Config

§

impl Send for Config

§

impl Sync for Config

§

impl Unpin for Config

§

impl UnwindSafe for Config

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.