1
0
mirror of https://github.com/fafhrd91/actix-web synced 2024-11-30 18:44:35 +01:00

Add security note to ConnectionInfo::remote() (#1158)

This commit is contained in:
Feiko Nanninga 2019-11-14 03:32:47 +01:00 committed by Nikolay Kim
parent fba02fdd8c
commit 88110ed268

View File

@ -162,6 +162,12 @@ impl ConnectionInfo {
/// - Forwarded
/// - X-Forwarded-For
/// - peer name of opened socket
///
/// # Security
/// Do not use this function for security purposes, unless you can ensure the Forwarded and
/// X-Forwarded-For headers cannot be spoofed by the client. If you want the client's socket
/// address explicitly, use
/// [`HttpRequest::peer_addr()`](../web/struct.HttpRequest.html#method.peer_addr) instead.
#[inline]
pub fn remote(&self) -> Option<&str> {
if let Some(ref r) = self.remote {