github.com/ulule/limiter/v3@v3.11.3-0.20230613131926-4cb9c1da4633/options.go (about) 1 package limiter 2 3 import ( 4 "net" 5 ) 6 7 // Option is a functional option. 8 type Option func(*Options) 9 10 // Options are limiter options. 11 type Options struct { 12 // IPv4Mask defines the mask used to obtain a IPv4 address. 13 IPv4Mask net.IPMask 14 // IPv6Mask defines the mask used to obtain a IPv6 address. 15 IPv6Mask net.IPMask 16 // TrustForwardHeader enable parsing of X-Real-IP and X-Forwarded-For headers to obtain user IP. 17 // Please be advised that using this option could be insecure (ie: spoofed) if your reverse 18 // proxy is not configured properly to forward a trustworthy client IP. 19 // Please read the section "Limiter behind a reverse proxy" in the README for further information. 20 TrustForwardHeader bool 21 // ClientIPHeader defines a custom header (likely defined by your CDN or Cloud provider) to obtain user IP. 22 // If configured, this option will override "TrustForwardHeader" option. 23 // Please be advised that using this option could be insecure (ie: spoofed) if your reverse 24 // proxy is not configured properly to forward a trustworthy client IP. 25 // Please read the section "Limiter behind a reverse proxy" in the README for further information. 26 ClientIPHeader string 27 } 28 29 // WithIPv4Mask will configure the limiter to use given mask for IPv4 address. 30 func WithIPv4Mask(mask net.IPMask) Option { 31 return func(o *Options) { 32 o.IPv4Mask = mask 33 } 34 } 35 36 // WithIPv6Mask will configure the limiter to use given mask for IPv6 address. 37 func WithIPv6Mask(mask net.IPMask) Option { 38 return func(o *Options) { 39 o.IPv6Mask = mask 40 } 41 } 42 43 // WithTrustForwardHeader will configure the limiter to trust X-Real-IP and X-Forwarded-For headers. 44 // Please be advised that using this option could be insecure (ie: spoofed) if your reverse 45 // proxy is not configured properly to forward a trustworthy client IP. 46 // Please read the section "Limiter behind a reverse proxy" in the README for further information. 47 func WithTrustForwardHeader(enable bool) Option { 48 return func(o *Options) { 49 o.TrustForwardHeader = enable 50 } 51 } 52 53 // WithClientIPHeader will configure the limiter to use a custom header to obtain user IP. 54 // Please be advised that using this option could be insecure (ie: spoofed) if your reverse 55 // proxy is not configured properly to forward a trustworthy client IP. 56 // Please read the section "Limiter behind a reverse proxy" in the README for further information. 57 func WithClientIPHeader(header string) Option { 58 return func(o *Options) { 59 o.ClientIPHeader = header 60 } 61 }