You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was recently reading The perils of the “real” client IP and noticed that this library is vulnerable to the attacks described in that post. Due to the following items in go-chi/chi, I suspect you're already aware of this issue: go-chi/chi#711, go-chi/chi#967.
I'm opening this issue to ensure that whatever improvements are made to go-chi/chi to remediate this issue are also made to go-chi/httprate. realclientip-go also looks good to me, so I wonder if there's an opportunity to use that implementation.
The text was updated successfully, but these errors were encountered:
Hi there,
I was recently reading The perils of the “real” client IP and noticed that this library is vulnerable to the attacks described in that post. Due to the following items in
go-chi/chi, I suspect you're already aware of this issue: go-chi/chi#711, go-chi/chi#967.I'm opening this issue to ensure that whatever improvements are made to
go-chi/chito remediate this issue are also made togo-chi/httprate.realclientip-goalso looks good to me, so I wonder if there's an opportunity to use that implementation.The text was updated successfully, but these errors were encountered: