1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
// Copyright (c) The go-grpc-middleware Authors.
// Licensed under the Apache License 2.0.
package realip
import "net/netip"
// options represents the configuration options for the realip middleware.
type options struct {
// trustedPeers is a list of trusted peers network prefixes.
trustedPeers []netip.Prefix
// trustedProxies is a list of trusted proxies network prefixes.
// The first rightmost non-matching IP when going through X-Forwarded-For is considered the client IP.
trustedProxies []netip.Prefix
// trustedProxiesCount specifies the number of proxies in front that may append X-Forwarded-For.
// It defaults to 0.
trustedProxiesCount uint
// headers specifies the headers to use in real IP extraction when the request is from a trusted peer.
headers []string
}
// An Option lets you add options to realip interceptors using With* functions.
type Option func(*options)
func evaluateOpts(opts []Option) *options {
optCopy := &options{}
for _, o := range opts {
o(optCopy)
}
return optCopy
}
// WithTrustedPeers sets the trusted peers network prefixes.
func WithTrustedPeers(peers []netip.Prefix) Option {
return func(o *options) {
o.trustedPeers = peers
}
}
// WithTrustedProxies sets the trusted proxies network prefixes.
func WithTrustedProxies(proxies []netip.Prefix) Option {
return func(o *options) {
o.trustedProxies = proxies
}
}
// WithTrustedProxiesCount sets the number of trusted proxies that may append X-Forwarded-For.
func WithTrustedProxiesCount(count uint) Option {
return func(o *options) {
o.trustedProxiesCount = count
}
}
// WithHeaders sets the headers to use in real IP extraction for requests from trusted peers.
func WithHeaders(headers []string) Option {
return func(o *options) {
o.headers = headers
}
}
|
