Sets REMOTE_ADDR to the correct value when behind Cloudflare, based on the Cf-Connecting-Ip header, when requests originate from Cloudflare's IP range.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for wolever from gravatar.com wolever

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

Author: David Wolever

Requires: Python >=3.9, <4.0

Classifiers

Project description

wsgi_cloudflare_proxy_fix is a WSGI middleware that safely sets the REMOTE_ADDR environment variable to the value of the Cf-Connecting-Ip header for requests originating from Cloudflare.

In addition, it sets a CF_TRUSTED environment variable to True for all requests originating from Cloudflare.

Installation

Install wsgi_cloudflare_proxy_fix using pip:

pip install wsgi_cloudflare_proxy_fix

Usage

The following examples assume werkzeug.middleware.proxy_fix.ProxyFix is being used to read the X-Forwarded-For and X-Forwarded-Proto headers.

For a standalone WSGI application:

import logging
from wsgi_cloudflare_proxy_fix import CloudflareProxyFix
from werkzeug.middleware.proxy_fix import ProxyFix

application = CloudflareProxyFix(application, log_level=logging.INFO)
application = ProxyFix(application)

For a Flask application:

import logging
from wsgi_cloudflare_proxy_fix import CloudflareProxyFix
from werkzeug.middleware.proxy_fix import ProxyFix

def create_app():
    app = Flask(__name__)
    app.wsgi_app = CloudflareProxyFix(app.wsgi_app, log_level=logging.INFO)
    app.wsgi_app = ProxyFix(app.wsgi_app)
    return app

Testing

To verify the proxy fix is working as expected in your production environment, the CloudflareProxyFixTest middleware can be used by adding the following to your application:

import logging
from wsgi_cloudflare_proxy_fix import CloudflareProxyFix, CloudflareProxyFixTest
from werkzeug.middleware.proxy_fix import ProxyFix

def create_app():
    app = Flask(__name__)
    app.wsig_app = CloudflareProxyFixTest(app.wsgi_app, path="/debug/cf-test")
    app.wsgi_app = CloudflareProxyFix(app.wsgi_app, log_level=logging.INFO)
    app.wsgi_app = ProxyFix(app.wsgi_app)
    return app

And making a request to the debug/cf-test endpoint:

$ curl http://localhost:5000/debug/cf-test
{
    "CF_TRUSTED": null,
    "REMOTE_ADDR": "127.0.0.1"
    "wsgi_cloudflare_proxy_fix.orig": null,
}
$ curl -H 'X-Forwarded-For: 103.31.4.1' -H 'Cf-Connecting-Ip: 1.2.3.4' http://localhost:5000/debug/cf-test
{
    "CF_TRUSTED": true,
    "REMOTE_ADDR": "1.2.3.4",
    "wsgi_cloudflare_proxy_fix.orig": {
        "REMOTE_ADDR": "103.31.4.1"
    }
}

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for wolever from gravatar.com wolever

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

Author: David Wolever

Requires: Python >=3.9, <4.0

Classifiers

Release history Release notifications | RSS feed

This version

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

wsgi_cloudflare_proxy_fix-0.1.2.tar.gz (3.2 kB view hashes)

Uploaded Source

Built Distribution

wsgi_cloudflare_proxy_fix-0.1.2-py3-none-any.whl (3.9 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page