Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for Proxy Protocol v1 & v2 for HTTP/1.x #3277

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

veeshi
Copy link

@veeshi veeshi commented Feb 3, 2024

PR Type

Feature

PR Checklist

  • Tests for the changes have been added / updated.
  • Documentation comments have been added / updated.
  • A changelog entry has been made for the appropriate packages.
  • Format code with the latest stable rustfmt.
  • (Team) Label with affected crates and semver status.

Overview

This PR adds support for Proxy Protocol v1 & v2 for HTTP/1.x

Closes #1751

@robjtede
Copy link
Member

robjtede commented Feb 3, 2024

I really appreciate your work on this feature. As it happens I'm actually working on this at the lower level with the ambition to introduce a generic stream wrapper as part of the HttpServer builder that allows both more flexible TLS config as well as PROXY protocol.

See actix/actix-net#469

With more eyes on this feature, I'm definitely motivated to pick this up again.

@robjtede robjtede added this to the actix-web v4.5 milestone Feb 3, 2024
@veeshi
Copy link
Author

veeshi commented Feb 3, 2024

Ah! I searched across the actix-web repo but didn't think to look in actix-net! At the moment I added in support for HTTP/1.x only as that is what we use for our platform but HTTP/2 still needs some work. I'm happy to contribute to implementing this properly in actix-net as it is something we rely on. What is remaining from that PR to be implemented?

@robjtede
Copy link
Member

robjtede commented Feb 3, 2024

I can probably clean it up as-is. I remember leaving it unfinished in terms of the PP2 extensions but it's likely that an MVP will be useful for most people.

@robjtede robjtede added B-semver-minor A-web project: actix-web labels Feb 3, 2024
@veeshi
Copy link
Author

veeshi commented Feb 3, 2024

The main TLV is the authority one that people seem to use and that is implemented. If I get some time I can try completing the rest.

@robjtede
Copy link
Member

robjtede commented Feb 3, 2024

The main TLV is the authority

This is great info. I actually don't have significant practical experience using PROXY yet.

@veeshi
Copy link
Author

veeshi commented Feb 4, 2024

It isn't widely used but should be. At the moment in Rust there isn't a lot of support for it in web frameworks. The only web server I've found support is an axum-server fork https://github.com/valorem-labs-inc/hyper-server/ . It is especially useful in those platforms which allow HTTP Host spoofing etc.

@robjtede
Copy link
Member

robjtede commented Feb 4, 2024

Yea for sure. I have a medium term need for it at work for exactly that reason.

@robjtede robjtede removed this from the actix-web v4.5 milestone Feb 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
A-web project: actix-web B-semver-minor
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Proxy Protocol support
2 participants