actix-web
actix-web copied to clipboard
actix
Add support for Proxy Protocol v1 & v2 for HTTP/1.x
PR Type
Feature
PR Checklist
- [x] Tests for the changes have been added / updated.
- [x] Documentation comments have been added / updated.
- [ ] A changelog entry has been made for the appropriate packages.
- [x] Format code with the latest stable rustfmt.
- [ ] (Team) Label with affected crates and semver status.
Overview
This PR adds support for Proxy Protocol v1 & v2 for HTTP/1.x
Closes #1751
I really appreciate your work on this feature. As it happens I'm actually working on this at the lower level with the ambition to introduce a generic stream wrapper as part of the HttpServer builder that allows both more flexible TLS config as well as PROXY protocol.
See https://github.com/actix/actix-net/pull/469
With more eyes on this feature, I'm definitely motivated to pick this up again.
Ah! I searched across the actix-web repo but didn't think to look in actix-net! At the moment I added in support for HTTP/1.x only as that is what we use for our platform but HTTP/2 still needs some work. I'm happy to contribute to implementing this properly in actix-net as it is something we rely on. What is remaining from that PR to be implemented?
I can probably clean it up as-is. I remember leaving it unfinished in terms of the PP2 extensions but it's likely that an MVP will be useful for most people.
The main TLV is the authority one that people seem to use and that is implemented. If I get some time I can try completing the rest.
The main TLV is the authority
This is great info. I actually don't have significant practical experience using PROXY yet.
It isn't widely used but should be. At the moment in Rust there isn't a lot of support for it in web frameworks. The only web server I've found support is an axum-server fork https://github.com/valorem-labs-inc/hyper-server/ . It is especially useful in those platforms which allow HTTP Host spoofing etc.
Yea for sure. I have a medium term need for it at work for exactly that reason.