Package io.quarkus.vertx.http.runtime

Class ProxyConfig

  • public class ProxyConfig
extends Object
    Holds configuration related with proxy addressing forward.

    • Field Detail

      • proxyAddressForwarding

        @ConfigItem
public boolean proxyAddressForwarding
        If this is true then the address, scheme etc. will be set from headers forwarded by the proxy server, such as X-Forwarded-For. This should only be set if you are behind a proxy that sets these headers.

      • allowForwarded

        @ConfigItem
public boolean allowForwarded
        If this is true and proxy address forwarding is enabled then the standard Forwarded header will be used. In case the not standard X-Forwarded-For header is enabled and detected on HTTP requests, the standard header has the precedence. Activating this together with quarkus.http.proxy.allow-x-forwarded has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-*` headers from the client.

      • allowXForwarded

        @ConfigItem
public Optional<Boolean> allowXForwarded
        If either this or allow-forwarded are true and proxy address forwarding is enabled then the not standard Forwarded header will be used. In case the standard Forwarded header is enabled and detected on HTTP requests, the standard header has the precedence. Activating this together with quarkus.http.proxy.allow-forwarded has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-*` headers from the client.

      • enableForwardedHost

        @ConfigItem(defaultValue="false")
public boolean enableForwardedHost
        Enable override the received request's host through a forwarded host header.

      • forwardedHostHeader

        @ConfigItem(defaultValue="X-Forwarded-Host")
public String forwardedHostHeader
        Configure the forwarded host header to be used if override enabled.

      • enableForwardedPrefix

        @ConfigItem(defaultValue="false")
public boolean enableForwardedPrefix
        Enable prefix the received request's path with a forwarded prefix header.

      • forwardedPrefixHeader

        @ConfigItem(defaultValue="X-Forwarded-Prefix")
public String forwardedPrefixHeader
        Configure the forwarded prefix header to be used if prefixing enabled.

      • trustedProxies

        @ConfigItem(defaultValueDocumentation="All proxy addresses are trusted")
@ConvertWith(TrustedProxyCheckPartConverter.class)
public Optional<List<TrustedProxyCheck.TrustedProxyCheckPart>> trustedProxies
        Configure the list of trusted proxy addresses. Received `Forwarded`, `X-Forwarded` or `X-Forwarded-*` headers from any other proxy address will be ignored. The trusted proxy address should be specified as the IP address (IPv4 or IPv6), hostname or Classless Inter-Domain Routing (CIDR) notation. Please note that Quarkus needs to perform DNS lookup for all hostnames during the request. For that reason, using hostnames is not recommended. Examples of a socket address in the form of `host` or `host:port`:
        • `127.0.0.1:8084`
        • `[0:0:0:0:0:0:0:1]`
        • `[0:0:0:0:0:0:0:1]:8084`
        • `[::]`
        • `localhost`
        • `localhost:8084`
        Examples of a CIDR notation:
        • `::/128`
        • `::/0`
        • `127.0.0.0/8`
        Please bear in mind that IPv4 CIDR won't match request sent from the IPv6 address and the other way around.

    • Constructor Detail

      • ProxyConfig

        public ProxyConfig()