mirror of
https://github.com/fafhrd91/actix-web
synced 2024-11-30 18:44:35 +01:00
Add security note to ConnectionInfo::remote() (#1158)
This commit is contained in:
parent
fba02fdd8c
commit
88110ed268
@ -162,6 +162,12 @@ impl ConnectionInfo {
|
|||||||
/// - Forwarded
|
/// - Forwarded
|
||||||
/// - X-Forwarded-For
|
/// - X-Forwarded-For
|
||||||
/// - peer name of opened socket
|
/// - peer name of opened socket
|
||||||
|
///
|
||||||
|
/// # Security
|
||||||
|
/// Do not use this function for security purposes, unless you can ensure the Forwarded and
|
||||||
|
/// X-Forwarded-For headers cannot be spoofed by the client. If you want the client's socket
|
||||||
|
/// address explicitly, use
|
||||||
|
/// [`HttpRequest::peer_addr()`](../web/struct.HttpRequest.html#method.peer_addr) instead.
|
||||||
#[inline]
|
#[inline]
|
||||||
pub fn remote(&self) -> Option<&str> {
|
pub fn remote(&self) -> Option<&str> {
|
||||||
if let Some(ref r) = self.remote {
|
if let Some(ref r) = self.remote {
|
||||||
|
Loading…
Reference in New Issue
Block a user