H
Hono4mo ago
andystevenson

conninfo doesn't check for x-forwarded-for?

I am on a host with a caddyserver reverse-proxy and want to make sure the client is coming from a whitelist set of IP addresses. So I set up the server using the ipRestriction middleware as per the docs. I am running it using bun. However the reverse proxy uses the x-forwarded-for header. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For I was wondering should conninfo or the ipRestriction middleware check for it?
MDN Web Docs
X-Forwarded-For - HTTP | MDN
The X-Forwarded-For (XFF) request header is a de-facto standard header for identifying the originating IP address of a client connecting to a web server through a proxy server.
2 Replies
ryu
ryu4mo ago
You can write this: 
app.use(
  ipRestriction((c) => c.req.header('x-forwarded-for') || "", {
    denyList: [],
    allowList: ['127.0.0.1', '::1'],
  })
)
app.use(
  ipRestriction((c) => c.req.header('x-forwarded-for') || "", {
    denyList: [],
    allowList: ['127.0.0.1', '::1'],
  })
)
andystevenson
andystevensonOP4mo ago
Thanks
Want results from more Discord servers?
Add your server