Gathering detailed insights and metrics for @fastify/proxy-addr
Gathering detailed insights and metrics for @fastify/proxy-addr
Gathering detailed insights and metrics for @fastify/proxy-addr
Gathering detailed insights and metrics for @fastify/proxy-addr
Determine the address of a proxied request
npm install @fastify/proxy-addr
Typescript
Module System
Node Version
NPM Version
99.4
Supply Chain
100
Quality
82
Maintenance
100
Vulnerability
100
License
JavaScript (96.61%)
TypeScript (3.39%)
Total Downloads
16,766,437
Last Day
35,865
Last Week
693,028
Last Month
2,817,630
Last Year
11,145,603
NOASSERTION License
6 Stars
348 Commits
3 Forks
12 Watchers
2 Branches
18 Contributors
Updated on Jul 01, 2025
Minified
Minified + Gzipped
Latest Version
5.0.0
Package Id
@fastify/proxy-addr@5.0.0
Unpacked Size
35.67 kB
Size
8.09 kB
File Count
18
NPM Version
10.8.1
Node Version
20.16.0
Published on
Sep 04, 2024
Cumulative downloads
Total Downloads
Last Day
7.4%
35,865
Compared to previous day
Last Week
-5.1%
693,028
Compared to previous week
Last Month
14.1%
2,817,630
Compared to previous month
Last Year
1,911.7%
11,145,603
Compared to previous year
2
Determine the address of a proxied request.
Forked from https://github.com/jshttp/proxy-addr to address https://github.com/jshttp/forwarded/pull/9.
1$ npm i @fastify/proxy-addr
1const proxyaddr = require('@fastify/proxy-addr')
Return the address of the request, using the given trust
parameter.
The trust
argument is a function that returns true
if you trust
the address, false
if you don't. The closest untrusted address is
returned.
1proxyaddr(req, function (addr) { return addr === '127.0.0.1' }) 2proxyaddr(req, function (addr, i) { return i < 1 })
The trust
argument may also be a single IP address string or an
array of trusted addresses, as plain IP addresses, CIDR-formatted
strings, or IP/netmask strings.
1proxyaddr(req, '127.0.0.1') 2proxyaddr(req, ['127.0.0.0/8', '10.0.0.0/8']) 3proxyaddr(req, ['127.0.0.0/255.0.0.0', '192.168.0.0/255.255.0.0'])
This module also supports IPv6. Your IPv6 addresses will be normalized
automatically (i.e. fe80::00ed:1
equals fe80:0:0:0:0:0:ed:1
).
1proxyaddr(req, '::1') 2proxyaddr(req, ['::1/128', 'fe80::/10'])
This module will automatically work with IPv4-mapped IPv6 addresses
as well to support node.js in IPv6-only mode. This means that you do
not have to specify both ::ffff:a00:1
and 10.0.0.1
.
As a convenience, this module also takes certain pre-defined names in addition to IP addresses, which expand into IP addresses:
1proxyaddr(req, 'loopback') 2proxyaddr(req, ['loopback', 'fc00:ac:1ab5:fff::1/64'])
loopback
: IPv4 and IPv6 loopback addresses (like ::1
and
127.0.0.1
).linklocal
: IPv4 and IPv6 link-local addresses (like
fe80::1:1:1:1
and 169.254.0.1
).uniquelocal
: IPv4 private addresses and IPv6 unique-local
addresses (like fc00:ac:1ab5:fff::1
and 192.168.0.1
).When trust
is specified as a function, it will be called for each
address to determine if it is a trusted address. The function is
given two arguments: addr
and i
, where addr
is a string of
the address to check and i
is a number that represents the distance
from the socket address.
Return all the request addresses, optionally stopping at the
first untrusted. This array is ordered from closest to furthest
(i.e. arr[0] === req.connection.remoteAddress
).
1proxyaddr.all(req)
The optional trust
argument takes the same arguments as trust
does in proxyaddr(req, trust)
.
1proxyaddr.all(req, 'loopback')
Compiles argument val
into a trust
function. This function takes
the same arguments as trust
does in proxyaddr(req, trust)
and
returns a function suitable for proxyaddr(req, trust)
.
1const trust = proxyaddr.compile('loopback') 2const addr = proxyaddr(req, trust)
This function is meant to be optimized for use against every request. It is recommended that a trust function be compiled up-front for the trusted configuration and passed to proxyaddr(req, trust) for each request.
1$ npm test
1$ npm run bench
Licensed under MIT.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
GitHub workflow tokens follow principle of least privilege
Details
Reason
0 existing vulnerabilities detected
Reason
security policy file detected
Details
Reason
SAST tool is run on all commits
Details
Reason
license file detected
Details
Reason
Found 5/21 approved changesets -- score normalized to 2
Reason
3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
Score
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More