marcel/familienarchiv
1
0
Fork 0
Code Issues 111 Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
4f1594390ec656002d6d5bba480aaf36f5a0a285
familienarchiv/backend/src
History
Marcel 20fe83d889 docs(auth): document XFF trust-the-proxy assumption on resolveClientIp 
Pure-comment change: spell out that resolveClientIp's leftmost-X-Forwarded-For
strategy is safe only because Caddy strips client-supplied XFF before
forwarding. Future readers swapping the ingress have a tripwire. Addresses PR
#612 / Nora concern (XFF trust documentation).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-17 22:41:39 +02:00
..
main
docs(auth): document XFF trust-the-proxy assumption on resolveClientIp
2026-05-17 22:41:39 +02:00
test
test(auth): login response never leaks the password field
2026-05-17 22:40:41 +02:00