Closed RyleaStark closed 3 years ago
What are you expecting here? Are you expecting just a prettier way to represent the list of addresses?
Because we don't do any compare of these ip's to validate them against a list of trusted ip's I don't see a reason to do anything else with them. Unless we are deciding to add some securtiy to protect against invalid reversed ip's or something.
Occasionally some proxies can be configured to return multiple ip addresses in the x-forwarded-for header, you should account for the possibility of this scenario by preparing with a
split
andpop
as the list will return as such:xxx.xxx.xxx.xxx,xxx.xxx.xxx.xxx
Code reference: https://github.com/petio-team/petio/blob/882605a826dd9c20578ec56037424bf9db22c183/api/app.js#L151