trust-reverse-proxy
Advanced tools
trustReverseProxy is connect middleware to determine which connections are made through a trusted reverse proxy. Reverse proxies can be used to offload handling SSL connections to and/or for serving up static content.
When SSL connections are handled by a reverse proxy, all connections to connect are over HTTP. This middleware allows you forward SSL connections (almost) transparantly to connect. Typically the reverse proxy adds several custom HTTP headers to the proxied request. These headers can be used to distinguish secure connections (HTTPS) from insecure connections (HTTP).
var connect = require('connect'),
acceptReverseProxy = require('acceptReverseProxy');
app = connect.createServer(acceptReverseProxy({proxyID: 'x-my-secret-proxy'}));
var connect = require('connect'),
acceptReverseProxy = require('acceptReverseProxy');
app = connect.createServer(acceptReverseProxy({
proxyID: 'x-my-secret-proxy',
proxyIp: '192.168.0.1'
}));
var connect = require('connect'),
acceptReverseProxy = require('acceptReverseProxy');
app = connect.createServer(acceptReverseProxy({
proxyID: 'x-my-secret-proxy',
proxyIp: ['192.168.0.1', '192.168.0.2'],
trust: function(req) {
return req.headers[options.proxyID] && (proxyIp.indexOf(req.client.remoteAddress) !== -1);
}
}));
By default trustReverseProxy uses the IP address from the X-Real-IP or X-Forwarded-For headers. Two commonly used headers by reverse proxies to indicate the browser's remote address.
This example uses the header x-my-real-forwarded-ip instead.
var connect = require('connect'),
acceptReverseProxy = require('acceptReverseProxy');
app = connect.createServer(acceptReverseProxy({
proxyID: 'x-my-secret-proxy',
remoteAddress: function(req) {
return req.headers['x-my-real-forwarded-ip'];
}
}));
By default trustReverseProxy detects secure by looking at the x-forwarded-scheme header. A connection is considered secure when this header has the value 'https'.
In this example a connection is considered secure when the header x-forwarded-ssl the value true.
var connect = require('connect'),
acceptReverseProxy = require('acceptReverseProxy');
app = connect.createServer(acceptReverseProxy({
proxyID: 'x-my-secret-proxy',
isSecure: function(req) {
return req.headers['x-forwarded-ssl'] === true;
}
}));
FAQs
Trust a specific reverse proxy to handle incoming (SSL) requests
We found that trust-reverse-proxy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.