Description
https://docs.rs/actix-web/3.3.2/actix_web/dev/struct.ConnectionInfo.html#method.realip_remote_addr
This means that you have to use different functions depending on whether the application is behind a reverse proxy or not. But you typically do not want to recompile an application for something like this.
It would be much better if there was a config option indicating that the application is behind a proxy, and in that case have remote_addr return the correct one.
Realistically, there's a good chance that applications just use realip_remote_addr unconditionally, making it vulnerable to IP spoofing when it's not running behind a reverse proxy.
FWIW, the host logic seems to be similarly broken, since you can most likely pass a "bad" host header to an application if it's not behind a reverse proxy or that proxy does not filter out all the headers this crate uses.
FWIW, I recommend looking at how the ProxyFix middleware for the werkzeug Python web framework is implemented. It's opt-in, and lets you specify which proxy adds the data you want (in case of multiple proxies all adding to the headers).
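The opt-in, hop-counted behaviour described above (werkzeug's ProxyFix `x_for` semantics) can be shown in plain Rust without the framework. The block below is an added illustration, not actix-web's code and not the issue author's; `ProxyTrust` and `client_ip` are hypothetical names. The configured hop count is the number of trusted proxies that each append the peer they saw to `X-Forwarded-For`; with 0 hops (not behind a proxy) the header is ignored entirely, so a client-supplied value cannot spoof the remote address, and with N hops the N-th entry from the right is used, falling back to the socket peer address when the header is missing, too short, or not a valid IP.

```rust
use std::net::IpAddr;

/// Hypothetical opt-in proxy configuration (not an actix-web type).
#[derive(Debug, Clone, Copy)]
pub struct ProxyTrust {
    /// Number of reverse proxies in front of the application that each
    /// append the address they saw to X-Forwarded-For. 0 = not behind a
    /// proxy: the header is never consulted.
    pub forwarded_for_hops: usize,
}

/// Resolve the client address the way ProxyFix does for `x_for`:
/// take the `hops`-th entry from the right of X-Forwarded-For, since the
/// rightmost entries were appended by proxies we control, and anything
/// further left could have been supplied by the client itself.
pub fn client_ip(peer_addr: IpAddr, x_forwarded_for: Option<&str>, trust: ProxyTrust) -> IpAddr {
    let hops = trust.forwarded_for_hops;
    if hops == 0 {
        // Not behind a proxy: the TCP peer is the client, header is untrusted.
        return peer_addr;
    }
    let header = match x_forwarded_for {
        Some(h) => h,
        None => return peer_addr,
    };
    let entries: Vec<&str> = header
        .split(',')
        .map(str::trim)
        .filter(|s| !s.is_empty())
        .collect();
    if entries.len() < hops {
        // Fewer entries than trusted hops: a proxy did not add its entry,
        // so the header cannot be trusted. Fall back to the peer.
        return peer_addr;
    }
    let candidate = entries[entries.len() - hops];
    // A malformed entry (not an IP) also falls back to the peer address.
    candidate.parse::<IpAddr>().unwrap_or(peer_addr)
}

fn main() {
    // Constructed sample values.
    let peer: IpAddr = "203.0.113.5".parse().unwrap();
    let spoofed = Some("1.2.3.4");
    let no_proxy = ProxyTrust { forwarded_for_hops: 0 };
    let one_proxy = ProxyTrust { forwarded_for_hops: 1 };
    println!("no proxy, spoofed header -> {}", client_ip(peer, spoofed, no_proxy));
    println!(
        "one proxy, client tried to prepend -> {}",
        client_ip(peer, Some("1.2.3.4, 198.51.100.7"), one_proxy)
    );
}
```

The point of the fallback is that trusting the header is a deployment decision, not a compile-time choice: the same binary runs correctly with `forwarded_for_hops: 0` on a directly exposed host and with `1` or `2` behind a known proxy chain.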