update actix-web-actors

prepare actix-web release
Add security note to ConnectionInfo::remote() (#1158 )
2025-08-29 00:07:48 +02:00 · 2019-11-14 08:58:24 +06:00 · 2019-11-14 08:55:37 +06:00 · 2019-11-14 08:32:47 +06:00
5 changed files with 17 additions and 6 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,6 +1,6 @@
 # Changes

-## [1.0.9] - 2019-xx-xx
+## [1.0.9] - 2019-11-14

 ### Added

@@ -10,6 +10,7 @@

 * Support `Host` guards when the `Host` header is unset (e.g. HTTP/2 requests) (#1129)

+
 ## [1.0.8] - 2019-09-25

 ### Added
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "actix-web"
-version = "1.0.8"
+version = "1.0.9"
 authors = ["Nikolay Kim <fafhrd91@gmail.com>"]
 description = "Actix web is a simple, pragmatic and extremely fast web framework for Rust."
 readme = "README.md"
@@ -78,7 +78,7 @@ actix-utils = "0.4.4"
 actix-router = "0.1.5"
 actix-rt = "0.2.4"
 actix-web-codegen = "0.1.2"
-actix-http = "0.2.9"
+actix-http = "0.2.11"
 actix-server = "0.6.1"
 actix-server-config = "0.1.2"
 actix-testing = "0.1.0"
--- a/actix-web-actors/CHANGES.md
+++ b/actix-web-actors/CHANGES.md
@@ -1,5 +1,9 @@
 # Changes

+## [1.0.3] - 2019-11-14
+
+* Update actix-web and actix-http dependencies
+
 ## [1.0.2] - 2019-07-20

 * Add `ws::start_with_addr()`, returning the address of the created actor, along
--- a/actix-web-actors/Cargo.toml
+++ b/actix-web-actors/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "actix-web-actors"
-version = "1.0.2"
+version = "1.0.3"
 authors = ["Nikolay Kim <fafhrd91@gmail.com>"]
 description = "Actix actors support for actix web framework."
 readme = "README.md"
@@ -19,8 +19,8 @@ path = "src/lib.rs"

 [dependencies]
 actix = "0.8.3"
-actix-web = "1.0.3"
-actix-http = "0.2.5"
+actix-web = "1.0.9"
+actix-http = "0.2.11"
 actix-codec = "0.1.2"
 bytes = "0.4"
 futures = "0.1.25"
--- a/src/info.rs
+++ b/src/info.rs
@@ -162,6 +162,12 @@ impl ConnectionInfo {
    /// - Forwarded
    /// - X-Forwarded-For
    /// - peer name of opened socket
+    ///
+    /// # Security
+    /// Do not use this function for security purposes, unless you can ensure the Forwarded and
+    /// X-Forwarded-For headers cannot be spoofed by the client. If you want the client's socket
+    /// address explicitly, use
+    /// [`HttpRequest::peer_addr()`](../web/struct.HttpRequest.html#method.peer_addr) instead.
    #[inline]
    pub fn remote(&self) -> Option<&str> {
        if let Some(ref r) = self.remote {
Author	SHA1	Message	Date
Nikolay Kim	5cb2d500d1	update actix-web-actors	2019-11-14 08:58:24 +06:00
Nikolay Kim	0212c618c6	prepare actix-web release	2019-11-14 08:55:37 +06:00
Feiko Nanninga	88110ed268	Add security note to ConnectionInfo::remote() (#1158 )	2019-11-14 08:32:47 +06:00