alkdev/reverse-proxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ad9b9b9b78861b4d73d427ec3b315fb606c46c0d
reverse-proxy/tests
History
glm-5.1 ad9b9b9b78 fix(rate_limit): use ConnectInfo as sole IP source, reject without it 
The rate limiter previously extracted client IP from the X-Forwarded-For
header first, falling back to ConnectInfo. This allowed attackers to bypass
rate limits by sending spoofed X-Forwarded-For headers. Per ADR-025, the
rate limiter now uses ConnectInfo<SocketAddr> exclusively and rejects
requests with 429 when ConnectInfo is absent.
2026-06-12 14:00:31 +00:00
..
helpers
Add test infrastructure with fixtures, helpers, and integration tests
2026-06-11 11:46:43 +00:00
integration_test.rs
fix(rate_limit): use ConnectInfo as sole IP source, reject without it
2026-06-12 14:00:31 +00:00