Fix: configure trust proxy via CIDR list#349
Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Preview is available here: |
There was a problem hiding this comment.
Pull request overview
This pull request aims to improve proxy trust configuration by using the proxy-addr library to compile CIDR lists for safer client IP resolution behind proxies, preventing IP spoofing from untrusted sources.
Changes:
- Added
@types/proxy-addrtype definitions to dependencies - Updated trust proxy configuration to parse comma-separated CIDR lists and compile them using
proxy-addr.compile() - Enhanced logging to show the effective trust proxy configuration
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| package.json | Added @types/proxy-addr to dependencies for TypeScript support |
| package-lock.json | Updated lockfile with @types/proxy-addr and promoted @types/node and undici-types from dev to production dependencies |
| backend/routes.ts | Refactored trust proxy configuration to parse CIDR list and use proxy-addr.compile() for compilation |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
Preview is available here: |
|
Something went wrong with PR preview build please check |
|
Preview is available here: |
|
Preview is available here: |
What
TRUST_PROXYCIDR list withproxy-addrfor safe proxy trust handling.@types/proxy-addrfor TypeScript support.Why