Proxy Fix — Aquilia Documentation
Comprehensive guide and documentation for Proxy Fix in the Aquilia framework. View API reference, examples, and implementation patterns.
MIDDLEWARE / PROXY HEADERS CORRECTION ProxyFixMiddleware The ProxyFixMiddleware corrects request schemes, client IPs, and ports when running behind reverse proxies (like Nginx, HAProxy, AWS ALB, or Cloudflare). It uses CIDR networks to restrict header trust to verified proxy IPs. Constructor Configuration Configure header trust boundaries to prevent headers spoofing by malicious clients: trusted_proxies: list[str] | None = None — CIDR subnet masks or exact IP addresses of trusted proxies. (Defaults to localhost subnets, private subnets 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). x_for: int = 1 — Number of proxy hops to trust/unwrap from the right of X-Forwarded-For list. x_proto: int = 1 — Trusted hops for X-Forwarded-Proto scheme header. x_host: int = 1 — Trusted hops for X-Forwarded-Host domain name header. x_port: int = 0 — Trusted hops for X-Forwarded-Port header. (Disabled by default). Usage Example from aquilia.middleware_ext import ProxyFixMiddleware from aquilia.workspace import Workspace from aquilia.integrations import MiddlewareChain workspace = Workspace("myapp").middleware( MiddlewareChain().use( "aquilia.middleware_ext.security:ProxyFixMiddleware", priority=3, trusted_proxies=["10.0.0.0/16", "192.168.1.1"], x_for=2, # Trust dual proxies hops x_proto=1 ) ) Overview )
Go to Homepage