Context

Certain request metadata, such as the scheme or if the request is secure are not currently available off the HTTP::Request. See crystal-lang/crystal#5784, crystal-lang/crystal#7096, and crystal-lang/crystal#10246 for more details.

It is a common practice to host a web application behind a load balancer or reverse proxy. This by itself is not a problem for Athena. However it does allow a way for that extra metadata to be exposed. However, even if it was directly, they would lose the correct values since they'd be based on the reverse proxy/load balance and not the client's original request.

This PR introduces some additional ATH::Request methods to expose this extra metadata, as well as a means of handling the forwarded and/or x-forwarded-* headers that the proxy would forward to Athena. These will be used to ensure generated URLs in HTTP contexts are generated correctly, taking the proxy servers into account.

This feature is opt-in, and requires the IP addresses/ranges of the proxies that should be trusted to be configured explicitly.

Changelog

• Add support for Proxy Headers
• Add .unquote, .split, and .combine methods to ATH::HeaderUtils
• Add ATH::IPUtils
  • Contains methods for validating if an IP address is in a list of addresses/ranges
• Add #host, #port, #scheme, #secure?, and #from_trusted_proxy? to ATH::Request