Safe Haskell	None
Language	Haskell2010

Network.Wai.Middleware.RealIp

Description

Infer the remote IP address using headers

Synopsis

realIp :: Middleware
realIpHeader :: HeaderName -> Middleware
realIpTrusted :: HeaderName -> (IP -> Bool) -> Middleware
defaultTrusted :: [IPRange]
ipInRange :: IP -> IPRange -> Bool

Documentation

realIp :: Middleware Source #

Infer the remote IP address from the X-Forwarded-For header, trusting requests from any private IP address. See realIpHeader and realIpTrusted for more information and options.

Since: 3.1.5

realIpHeader :: HeaderName -> Middleware Source #

Infer the remote IP address using the given header, trusting requests from any private IP address. See realIpTrusted for more information and options.

Since: 3.1.5

realIpTrusted :: HeaderName -> (IP -> Bool) -> Middleware Source #

Infer the remote IP address using the given header, but only if the request came from an IP that is trusted by the provided predicate.

The last non-trusted address is used to replace the remoteHost in the Request, unless all present IP addresses are trusted, in which case the first address is used. Invalid IP addresses are ignored, and the remoteHost value remains unaltered if no valid IP addresses are found.

Examples:

 realIpTrusted "X-Forwarded-For" $ flip ipInRange "10.0.0.0/8"

 realIpTrusted "X-Real-Ip" $ \ip -> any (ipInRange ip) defaultTrusted

Since: 3.1.5

defaultTrusted :: [IPRange] Source #

Standard private IP ranges.

Since: 3.1.5

ipInRange :: IP -> IPRange -> Bool Source #

Check if the given IP address is in the given range.

IPv4 addresses can be checked against IPv6 ranges, but testing an IPv6 address against an IPv4 range is always False.

Since: 3.1.5