Resolve client IP from the socket peer address as a fallback#193
Closed
bartes wants to merge 1 commit into
Closed
Conversation
The IP extractor now accepts an optional remote address and surfaces it as `remote-addr` when no `x-forwarded-for` or `remote-addr` header is present, so extraction precedence, trusted-proxy filtering, and custom `ipHeaders` are unchanged. The default context derives this value from the request connection (`socket.remoteAddress`, `connection.remoteAddress`, or `info.remoteAddress`), covering the raw Node `IncomingMessage`, Express, Fastify, Koa, Next, and Hapi. A shared `CastleRequest` type describes the request shape consumed by the context services.
Contributor
Author
|
Closing for now — the localhost case is handled in the example app instead. Keeping the branch around in case we revisit SDK-level autodetection. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The client IP is now resolved from the connection's peer address when no
X-Forwarded-FororRemote-Addrheader is present, so direct and localhost requests carry acontext.ipinstead of none.Changes
IPsExtractService.callaccepts an optionalremoteAddressand surfaces it asremote-addronly when that header is absent. It participates in extraction with the existing precedence (afterX-Forwarded-For), trusted-proxy filtering,trustedProxyDepth, andtrustProxyChain. An existingremote-addrheader is preserved, and customipHeadersthat excluderemote-addrignore it.ContextGetDefaultServicederives the value from the request connection across frameworks:socket.remoteAddress, thenconnection.remoteAddress, theninfo.remoteAddress(raw NodeIncomingMessage, Express, Fastify, Koa, Next, Hapi).CastleRequesttype for the request shape consumed by the context services.The third
IPsExtractService.callargument is optional and the fallback only applies when no IP header yields a value, so existing behavior is unchanged.