My suggestion is to integrate jshttp/proxy-addr into this project and drop the current solution of getClientIp, to work just like express works with proxied requests. People needing to control other headers could still append their getClientIp function into this module and enforce their desired headers. This way we could just append the same setting we use application-wide and it would work as expected out of the box, like it works in express.
I am implementing such a paradigm shift, in my fork of this project, if someone is interested in it as well take a look at it.
express/express does offer application-wide settings to handle proxied request by setting 'trust proxy' option:
The default value is false. Full documentation: http://expressjs.com/en/guide/behind-proxies.html
My suggestion is to integrate jshttp/proxy-addr into this project and drop the current solution of getClientIp, to work just like express works with proxied requests. People needing to control other headers could still append their getClientIp function into this module and enforce their desired headers. This way we could just append the same setting we use application-wide and it would work as expected out of the box, like it works in express.
I am implementing such a paradigm shift, in my fork of this project, if someone is interested in it as well take a look at it.
https://github.com/pdefreitas/express-ipfilter/
Thanks, Pedro