Add clarifying comments for correct-but-non-obvious behaviors (C3, W8, W10, W11, S9)

2026-06-12 05:05:10 +00:00
parent 516efb0403
commit 9b3fe23499
5 changed files with 20 additions and 0 deletions
--- a/src/rate_limit/mod.rs
+++ b/src/rate_limit/mod.rs
@@ -76,6 +76,11 @@ pub async fn rate_limit_middleware(
        });

    let Some(ip) = client_ip else {
+        // If no client IP can be identified, the request passes through without rate
+        // limiting. In practice, ConnectInfo is always set by the server's
+        // ConnectInfoService, so this branch is unreachable. If the proxy were ever
+        // deployed without ConnectInfo propagation, rate limiting would silently become
+        // a no-op. Consider adding a warning log or returning 429 in a future phase.
        return next.run(req).await;
    };