Support for `Fly-Client-IP`? about remote_ip HOT 7 CLOSED

RemoteIp.from/2 accepts all the same options as the plug, so in theory you could pass in headers: ["fly-client-ip"] from a Phoenix.Socket. But I guess Phoenix only gives you the headers that begin with "x-": https://github.com/phoenixframework/phoenix/blob/385bdebdcc879dfb06f02faa5bef7d5e0b97761c/lib/phoenix/socket/transport.ex#L528-L532 There's nothing RemoteIp can do about the headers Phoenix makes available; you'd have to bring it up with them.

Thanks for the thorough reply! Yes, I meant that x- headers only are passed in the Phoenix socket context.
Actually Fly.io puts the whole forwarded IP chain to the correct header, I managed to solve my problems by using the "proxies" option (the list of known proxies) thanks to which the lib ignores Fly.io proxy and fetches the correct remote IP.

from remote_ip.

They do insert the client IP in X-Forwarded-For, but at the front, so it isn't returned by this library because of reasons described here #28

from remote_ip.

Have you tried configuring headers: ["fly-client-ip"]? https://hexdocs.pm/remote_ip/RemoteIp.Options.html

from remote_ip.

Adding headers: ["fly-client-ip"] works

from remote_ip.

Thanks for confirming, @ivanpetrovic! I'll go ahead and close this issue, then.

from remote_ip.

There's still a problem with socket connections where you need to use x headers.

from remote_ip.

@bartblast What problem, specifically? I've never worked with Phoenix sockets.

RemoteIp.from/2 accepts all the same options as the plug, so in theory you could pass in headers: ["fly-client-ip"] from a Phoenix.Socket. But I guess Phoenix only gives you the headers that begin with "x-": https://github.com/phoenixframework/phoenix/blob/385bdebdcc879dfb06f02faa5bef7d5e0b97761c/lib/phoenix/socket/transport.ex#L528-L532 There's nothing RemoteIp can do about the headers Phoenix makes available; you'd have to bring it up with them.

If the Fly-Client-IP header wouldn't be added to a socket connection by Fly.io anyway, then you'll have to use a different header. Going through X-Forwarded-For, with its comma-separated values, you'll want to understand how the algorithm works and configure things accordingly. For even more depth, there's a brilliant article linked in #29, where we've also been having some discussions about implications for the future of the RemoteIp plug. (As is, the plug uses a single opinionated algorithm for the sake of security, but we're thinking about how to generalize it to allow other strategies.)

from remote_ip.