Closed kylegetson closed 11 years ago
This is a great idea, but I think it should be a more explicit configuration option.
I don't think silently ignoring missing PROXY headers is a good plan. By default, it should fail fast if you've misconfigured your upstream ELB/whatever rather than appearing to work but giving the application bad IPs.
I've updated it to default to its previous behavior (dropping non-proxied requests) for backwards compatibility. The proxy function now takes an optional 'strict' parameter, setting it to false will allow both proxied and non-proxied requests. Example to allow non-proxied requests:
var http = require('http')
, proxiedHttp = require('./proxywrap.js').proxy(http,false)
, express = require('express')
, app = express()
, srv = proxiedHttp.createServer(app);
app.get('/', function(req, res){
res.send('IP = ' + req.connection.remoteAddress + ':' + req.connection.remotePort);
});
app.get('/status-check', function(req, res){
res.send('OK');
});
srv.listen(5555);
Dropping the requests that don't come through proxied makes this really hard to test, or move code around between servers/load balancers. This change just allows the request through, and only sets the remoteAddress and remotePort if the proxy header is there.