mirror of
https://github.com/mjl-/mox.git
synced 2025-06-27 19:08:15 +03:00
f1259ee80e
another approach i looked at was enabling/disabling rate limiting per web handler. but we want to apply the rate limit as early as possible (not after we've already done quite some work for the request), and with per-handler rate limits on/off the code would be sprinkled with calls to rate limiting. this is probably good enough for now. other protocols are less likely to need this. we were always using the ip address of the connection for rate limiting. but some setups have a reverse proxy in front. if any handler on a http/https port is marked as "forwarded" (with a reverse proxy), we use the ip address from the x-forwarded-for header (like we already did for authentication requests over http). for issue #346