-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wrong IP if proxied via CloudFlare #48
Comments
I'm loooking at #47, and there this could be easly changed. |
Ive also found this to be an issue. Had to turn off cloudflare proxy until this is resolved |
Looked into pending pull requests and #47 is possible solution for this. |
This may have been a transient problem with Cloudflare and/or the OP's environment; Cloudflare are indeed sending
ref. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For You can verify this yourself by:
|
Cloudflare seems to use |
Cloudflare state in their docs https://developers.cloudflare.com/fundamentals/get-started/http-request-headers:
and further that i.e. I would expect any prioritised list of headers would be a major problem: if you happen to not be using one of the lesser priority proxy headers then a malicious user can simple send along a higher priority header with any value they choose. Cloudflare warn of this issue in the above doc (in the section on |
Has this been resolved? Looking at the library and using cloudflare |
I ran into the same issue a day ago, but luckily i forked and adjusted the code long time ago. You can try it out... Usage:
What it does is reordering header check in https://github.com/pbojinov/request-ip#how-it-works Related issue: #75 |
Any news on this one? Has this been resolved? |
Hi,
I'm getting proxy IP instead of client IP, when I have app proxied via CloudFlare. Cloudflare docs we shoud look in
CF-Connecting-IP
, because value ofX-Forwarded-For
is same asCF-Connecting-IP
only if previous not set (in my example is set with proxy IP). Now I'm getting only proxy IP inX-Forwarded-For
.Example headers I get:
The text was updated successfully, but these errors were encountered: