
connect-proxy
Connect-Proxy is a middleware layer for Connect (running on node.js) that retrieves originating IP/Host values when proxying to your connect app.
When proxying to node (often done because of host/port restrictions, despite the shortcomings of this approach), the IP address at req.socket.remoteAddress is the IP of the proxy server and req.headers.host is the internal hostname:port of the node server, e.g. localhost:3000.
This middleware allows you to use your connect-based app regardless of whether your node installation is being proxied to. It also helps you utilize features of Connect and Express that depend on the described header values and would otherwise lead to unexpected results:

:remote-addr: The address logged by using the :remote-addr token of Connect's logger middleware is no longer the address of the proxy, but the address of the user.
'/': When redirecting to relative URLs, Express prepends protocol and host before redirecting. The prepended host is taken from req.headers.host, which leads to redirects to http://localhost:port/ when proxying locally (e.g. proxying through Apache).

It does so by replacing properties of the req object with values taken from special headers containing the originating IP address and the host name that was originally accessed. Most proxies send these kinds of headers, usually x-forwarded-for and x-forwarded-host. These headers can be comma-separated lists in case of multiple proxies, with the left-most being the originating value.
npm install connect-proxy
Require the module:
var proxy = require('connect-proxy');
Use the middleware by calling realValues with an options object:
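app.configure(function() {
    // Trust proxy headers only from the 141.10.214.0/24 range and
    // read the originating IP from the x-real-ip header.
    app.use(proxy.realValues({
        trusted: '141.10.214.0/24',
        ipHeader: 'x-real-ip'
    }));
});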
trusted {String} Request headers can be faked. This option tells connect-proxy to only trust the given proxy IP or IP range. IP ranges must be written in CIDR notation. Defaults to '127.0.0.1' if not set or in the wrong format.
strict {Boolean} Strict mode, defaults to true. When an untrusted IP address is found, connect-proxy will throw an error. If this is set to false, no error will be thrown and proxy headers will be ignored.
ipHeader {String} Header property in which the originating IP address and additional proxy IP addresses are defined. Defaults to 'x-forwarded-for'.
hostHeader {String} Header property in which the originating host and additional proxy hosts are defined. Defaults to 'x-forwarded-host'.

Works with Connect@1.3.0 - if someone finds out more, drop me a line.
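
The trust decision the options above describe, as an added JavaScript example (not connect-proxy's own code): forwarded headers are honoured only when the socket peer falls inside the trusted CIDR range. resolveRealValues and its helpers are hypothetical names; the sketch handles IPv4 only, reads strict mode as rejecting any untrusted peer, and treats a malformed trusted value as trusting nothing.

```javascript
// Added illustration, not connect-proxy's source. IPv4 only.

// Dotted-quad IPv4 -> unsigned 32-bit integer, or null when malformed.
function ipToInt(ip) {
  const parts = String(ip).split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

// True when ip lies inside cidr ("a.b.c.d" or "a.b.c.d/len").
function inCidr(ip, cidr) {
  const [base, lenStr] = String(cidr).split('/');
  // An empty or non-numeric prefix length is rejected instead of becoming /0.
  const len = lenStr === undefined ? 32 : /^\d{1,2}$/.test(lenStr) ? Number(lenStr) : -1;
  const a = ipToInt(ip);
  const b = ipToInt(base);
  if (a === null || b === null || len < 0 || len > 32) return false;
  const size = 2 ** (32 - len); // addresses per block; avoids 32-bit shift pitfalls
  return Math.floor(a / size) === Math.floor(b / size);
}

// Left-most entry of a comma-separated proxy header, or '' when absent.
function leftMost(value) {
  return value ? String(value).split(',')[0].trim() : '';
}

// Decide which IP/host to believe for one request (hypothetical helper).
function resolveRealValues(remoteAddress, headers, opts = {}) {
  const trusted = opts.trusted || '127.0.0.1';
  const strict = opts.strict !== false; // strict defaults to true
  const fwdIp = leftMost(headers[opts.ipHeader || 'x-forwarded-for']);
  const fwdHost = leftMost(headers[opts.hostHeader || 'x-forwarded-host']);
  if (!inCidr(remoteAddress, trusted)) {
    // Peer is not the trusted proxy, so its headers are client-controlled.
    if (strict) throw new Error('untrusted proxy address: ' + remoteAddress);
    return { ip: remoteAddress, host: headers.host, trustedProxy: false };
  }
  return {
    ip: ipToInt(fwdIp) !== null ? fwdIp : remoteAddress,
    host: fwdHost || headers.host,
    trustedProxy: true,
  };
}
```

The left-most entry is only as reliable as the proxy that wrote it: a proxy that appends to a client-supplied x-forwarded-for instead of overwriting it passes the client's own value through in that position.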
View the LICENSE file.
We found that connect-proxy demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.