Safe Haskell | Trustworthy |
---|---|
Language | Haskell2010 |
HAProxy proxying protocol support (see http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt) for applications using io-streams. The proxy protocol allows information about a networked peer (like remote address and port) to be propagated through a forwarding proxy that is configured to speak this protocol.
This approach is safer than other alternatives like injecting a special HTTP header (like "X-Forwarded-For") because the data is sent out of band, requests without the proxy header fail, and proxy data cannot be spoofed by the client.
Synopsis
- behindHAProxy :: Socket -> SockAddr -> (ProxyInfo -> InputStream ByteString -> OutputStream ByteString -> IO a) -> IO a
- behindHAProxyWithLocalInfo :: ProxyInfo -> (InputStream ByteString, OutputStream ByteString) -> (ProxyInfo -> InputStream ByteString -> OutputStream ByteString -> IO a) -> IO a
- decodeHAProxyHeaders :: ProxyInfo -> InputStream ByteString -> IO ProxyInfo
- data ProxyInfo
- socketToProxyInfo :: Socket -> SockAddr -> IO ProxyInfo
- makeProxyInfo :: SockAddr -> SockAddr -> Family -> SocketType -> ProxyInfo
- getSourceAddr :: ProxyInfo -> SockAddr
- getDestAddr :: ProxyInfo -> SockAddr
- getFamily :: ProxyInfo -> Family
- getSocketType :: ProxyInfo -> SocketType
Proxying requests.
:: Socket | A socket you've just accepted |
-> SockAddr | and its peer address |
-> (ProxyInfo -> InputStream ByteString -> OutputStream ByteString -> IO a) | |
-> IO a |
Parses the proxy headers emitted by HAProxy and runs a user action with
the origin/destination socket addresses provided by HAProxy. Will throw a
ParseException
if the protocol header cannot be parsed properly.
We support version 1.5 of the protocol (both the "old" text protocol and the "new" binary protocol.). Typed data fields after the addresses are not (yet) supported.
behindHAProxyWithLocalInfo Source #
:: ProxyInfo | local socket info |
-> (InputStream ByteString, OutputStream ByteString) | socket streams |
-> (ProxyInfo -> InputStream ByteString -> OutputStream ByteString -> IO a) | user function |
-> IO a |
Like behindHAProxy
, but allows the socket addresses and input/output
streams to be passed in instead of created based on an input Socket
.
Useful for unit tests.
Information about proxied requests.
Stores information about the proxied request.
socketToProxyInfo :: Socket -> SockAddr -> IO ProxyInfo Source #
Make a ProxyInfo
from a connected socket.
:: SockAddr | the source address |
-> SockAddr | the destination address |
-> Family | the socket family |
-> SocketType | the socket type |
-> ProxyInfo |
Makes a ProxyInfo
object.
getSourceAddr :: ProxyInfo -> SockAddr Source #
Gets the network address of the source node for this request (i.e. the client).
getDestAddr :: ProxyInfo -> SockAddr Source #
Gets the network address of the destination node for this request (i.e. the client).
getFamily :: ProxyInfo -> Family Source #
Gets the Family
of the proxied request (i.e. IPv4IPv6Unix domain
sockets).
getSocketType :: ProxyInfo -> SocketType Source #
Gets the SocketType
of the proxied request (UDP/TCP).