Package io.quarkus.vertx.http.runtime

Class ProxyConfig

java.lang.Object
io.quarkus.vertx.http.runtime.ProxyConfig
public class ProxyConfig extends Object
Holds configuration related with proxy addressing forward.

  • Field Details

    • useProxyProtocol

      @ConfigItem(defaultValue="false") public boolean useProxyProtocol
      Set whether the server should use the HA PROXY protocol when serving requests from behind a proxy. (see the PROXY Protocol). When set to true, the remote address returned will be the one from the actual connecting client. If it is set to false (default), the remote address returned will be the one from the proxy.

    • proxyAddressForwarding

      @ConfigItem public boolean proxyAddressForwarding
      If this is true then the address, scheme etc. will be set from headers forwarded by the proxy server, such as X-Forwarded-For. This should only be set if you are behind a proxy that sets these headers.

    • allowForwarded

      @ConfigItem public boolean allowForwarded
      If this is true and proxy address forwarding is enabled then the standard Forwarded header will be used. In case the not standard X-Forwarded-For header is enabled and detected on HTTP requests, the standard header has the precedence. Activating this together with quarkus.http.proxy.allow-x-forwarded has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-*` headers from the client.

    • allowXForwarded

      @ConfigItem public Optional<Boolean> allowXForwarded
      If either this or allow-forwarded are true and proxy address forwarding is enabled then the not standard Forwarded header will be used. In case the standard Forwarded header is enabled and detected on HTTP requests, the standard header has the precedence. Activating this together with quarkus.http.proxy.allow-forwarded has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-*` headers from the client.

    • enableForwardedHost

      @ConfigItem(defaultValue="false") public boolean enableForwardedHost
      Enable override the received request's host through a forwarded host header.

    • forwardedHostHeader

      @ConfigItem(defaultValue="X-Forwarded-Host") public String forwardedHostHeader
      Configure the forwarded host header to be used if override enabled.

    • enableForwardedPrefix

      @ConfigItem(defaultValue="false") public boolean enableForwardedPrefix
      Enable prefix the received request's path with a forwarded prefix header.

    • forwardedPrefixHeader

      @ConfigItem(defaultValue="X-Forwarded-Prefix") public String forwardedPrefixHeader
      Configure the forwarded prefix header to be used if prefixing enabled.

    • trustedProxies

      @ConfigItem(defaultValueDocumentation="All proxy addresses are trusted") @ConvertWith(TrustedProxyCheckPartConverter.class) public Optional<List<TrustedProxyCheck.TrustedProxyCheckPart>> trustedProxies
      Configure the list of trusted proxy addresses. Received `Forwarded`, `X-Forwarded` or `X-Forwarded-*` headers from any other proxy address will be ignored. The trusted proxy address should be specified as the IP address (IPv4 or IPv6), hostname or Classless Inter-Domain Routing (CIDR) notation. Please note that Quarkus needs to perform DNS lookup for all hostnames during the request. For that reason, using hostnames is not recommended.

      Examples of a socket address in the form of `host` or `host:port`:

      • `127.0.0.1:8084`
      • `[0:0:0:0:0:0:0:1]`
      • `[0:0:0:0:0:0:0:1]:8084`
      • `[::]`
      • `localhost`
      • `localhost:8084`

      Examples of a CIDR notation:

      • `::/128`
      • `::/0`
      • `127.0.0.0/8`

      Please bear in mind that IPv4 CIDR won't match request sent from the IPv6 address and the other way around.

  • Constructor Details

    • ProxyConfig

      public ProxyConfig()