Comments (7)
RemoteIp.from/2
accepts all the same options as the plug, so in theory you could pass inheaders: ["fly-client-ip"]
from aPhoenix.Socket
. But I guess Phoenix only gives you the headers that begin with"x-"
: https://github.com/phoenixframework/phoenix/blob/385bdebdcc879dfb06f02faa5bef7d5e0b97761c/lib/phoenix/socket/transport.ex#L528-L532 There's nothing RemoteIp can do about the headers Phoenix makes available; you'd have to bring it up with them.
Thanks for the thorough reply! Yes, I meant that x- headers only are passed in the Phoenix socket context.
Actually Fly.io puts the whole forwarded IP chain to the correct header, I managed to solve my problems by using the "proxies" option (the list of known proxies) thanks to which the lib ignores Fly.io proxy and fetches the correct remote IP.
from remote_ip.
They do insert the client IP in X-Forwarded-For, but at the front, so it isn't returned by this library because of reasons described here #28
from remote_ip.
Have you tried configuring headers: ["fly-client-ip"]
? https://hexdocs.pm/remote_ip/RemoteIp.Options.html
from remote_ip.
Adding headers: ["fly-client-ip"] works
from remote_ip.
Thanks for confirming, @ivanpetrovic! I'll go ahead and close this issue, then.
from remote_ip.
There's still a problem with socket connections where you need to use x headers.
from remote_ip.
@bartblast What problem, specifically? I've never worked with Phoenix sockets.
RemoteIp.from/2
accepts all the same options as the plug, so in theory you could pass in headers: ["fly-client-ip"]
from a Phoenix.Socket
. But I guess Phoenix only gives you the headers that begin with "x-"
: https://github.com/phoenixframework/phoenix/blob/385bdebdcc879dfb06f02faa5bef7d5e0b97761c/lib/phoenix/socket/transport.ex#L528-L532 There's nothing RemoteIp can do about the headers Phoenix makes available; you'd have to bring it up with them.
If the Fly-Client-IP
header wouldn't be added to a socket connection by Fly.io anyway, then you'll have to use a different header. Going through X-Forwarded-For
, with its comma-separated values, you'll want to understand how the algorithm works and configure things accordingly. For even more depth, there's a brilliant article linked in #29, where we've also been having some discussions about implications for the future of the RemoteIp plug. (As is, the plug uses a single opinionated algorithm for the sake of security, but we're thinking about how to generalize it to allow other strategies.)
from remote_ip.
Related Issues (16)
- Add inet_cidr to included_applications HOT 5
- @reserved is incorrect HOT 1
- problem with rewritten IP HOT 2
- :combine should not be in :included_applications
- Dialyzer warning HOT 5
- Question about mapped-ipv4 ipv6 format HOT 3
- Export `RemoteIp.Block` as its own package? HOT 8
- X-Forwarded-For is parsed incorrectly! HOT 3
- Good article on `x-forwarded-for` parsing HOT 10
- Unsure of Implementation HOT 5
- Plug.Conn also has get_peer_data, which returns the original ip HOT 3
- Parse X-Forwarded-Port and X-Forwarded-Proto HOT 3
- Doesn't Work Running Server in Docker Container HOT 5
- Any way to pass runtime information to `init` HOT 1
- RFC1918 IPs shouldn't be discarded by default HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from remote_ip.