announcements

Casey 2025-08-18T20:09:36.077959Z

Announcing https://github.com/outskirtslabs/client-ip, a zero dependency ring middleware for determining a request's "real" client IP address. Getting the IP address of a client making a request to your web application sounds like it should be embarrassingly simple. But it isn't...more at the accompanying blog post: https://casey.link/blog/client-ip-ring-middleware/

👍 24
👍🏻 1
👀 2
1
❤️ 7
🎉 9
Samuel Ludwig 2025-08-18T20:19:15.109149Z

Wow this actually could be really really useful for us (where we have largely just resigned ourselves to assuming no IPs are real because of a clownish amount of indirection with cloudflare capping it on top)

seancorfield 2025-08-18T20:54:17.972499Z

I've always found it weird that ring-headers/proxy-headers returns the last IP which is wrong as soon as you have load balancers etc. We have a four-way conditional to deal with CloudFlare and non-CloudFlare environments so, yeah, this is a great addition to our web library ecosystem! Thanks, @ramblurr!

Casey 2025-08-18T21:12:46.670489Z

Yup, at least ring's proxy-headers defaults to the last (rightmost) value, and not the leftmost like http-kit does by default. Leftmost is trivial to spoof. Re multiple network paths (CF and non CF): that's what the chain strategy is for! I hope it's useful for the community. It's a boring little library that tries to make one surprisingly complicated task easier. Also I think at least half the issue is communication and education around the topic. So if anyone has questions or feedback regarding the docs, please share. Also would appreciate feedback if you give it spin!

❤️ 5
Samuel Ludwig 2025-08-18T21:16:10.326889Z

> It's a boring little library that tries to make one surprisingly complicated task easier. this is my favorite kind of library, there's nothing as soul-crushing as starting on a task that sounds simple and it ends up being a lovecraftian nightmare once you start researching

💯 7
adi 2025-08-19T05:51:30.916659Z

I'm with Samuel... thanks for releasing client-ip! Also, cool projects @ramblurr metal https://casey.link/projects Also, also, hi from another indie dev. who feels quite partial to serving "those at the edge", as you put it. May The Source be with you lightsaber

🙏 1