Kyle Duren 1 год назад
Родитель
Сommit
20c014ba8d
2 измененных файлов с 18 добавлено и 3 удалено
  1. 2 1
      docs/config.md
  2. 16 2
      server/server_test.go

+ 2 - 1
docs/config.md

@@ -555,12 +555,13 @@ Whatever your reasons may be, there are a few things to consider.
 If you are running ntfy behind a proxy, you should set the `behind-proxy` flag. This will instruct the 
 [rate limiting](#rate-limiting) logic to use the `X-Forwarded-For` header as the primary identifier for a visitor, 
 as opposed to the remote IP address. If the `behind-proxy` flag is not set, all visitors will
-be counted as one, because from the perspective of the ntfy server, they all share the proxy's IP address.
+be counted as one, because from the perspective of the ntfy server, they all share the proxy's IP address. If your proxy or CDN provider uses a custom header to securely pass the source IP/Client IP to your application, you can specify that header instead of using the XFF. Using the custom header (unique per provide/cdn/proxy), will disable the use of the XFF header.
 
 === "/etc/ntfy/server.yml"
     ``` yaml
     # Tell ntfy to use "X-Forwarded-For" to identify visitors
     behind-proxy: true
+    proxy-client-ip-header: "X-Client-IP"
     ```
 
 ### TLS/SSL

+ 16 - 2
server/server_test.go

@@ -7,8 +7,6 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
-	"golang.org/x/crypto/bcrypt"
-	"heckel.io/ntfy/v2/user"
 	"io"
 	"net/http"
 	"net/http/httptest"
@@ -22,6 +20,9 @@ import (
 	"testing"
 	"time"
 
+	"golang.org/x/crypto/bcrypt"
+	"heckel.io/ntfy/v2/user"
+
 	"github.com/SherClockHolmes/webpush-go"
 	"github.com/stretchr/testify/require"
 	"heckel.io/ntfy/v2/log"
@@ -2181,6 +2182,19 @@ func TestServer_Visitor_XForwardedFor_Multiple(t *testing.T) {
 	require.Equal(t, "234.5.2.1", v.ip.String())
 }
 
+func TestServer_Visitor_Custom_ClientIP_Header(t *testing.T) {
+	c := newTestConfig(t)
+	c.BehindProxy = true
+	c.ProxyClientIPHeader = "X-Client-IP"
+	s := newTestServer(t, c)
+	r, _ := http.NewRequest("GET", "/bla", nil)
+	r.RemoteAddr = "8.9.10.11"
+	r.Header.Set("X-Client-IP", "1.2.3.4")
+	v, err := s.maybeAuthenticate(r)
+	require.Nil(t, err)
+	require.Equal(t, "1.2.3.4", v.ip.String())
+}
+
 func TestServer_PublishWhileUpdatingStatsWithLotsOfMessages(t *testing.T) {
 	t.Parallel()
 	count := 50000
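Review bot: TestServer_Visitor_Custom_ClientIP_Header only exercises a request where the configured header is present and well-formed, so it does not pin the behaviour the docs change in this commit promises, namely that setting `proxy-client-ip-header` disables `X-Forwarded-For`. The visitor IP is what rate limiting keys on, so I would also put a conflicting value in the request, `r.Header.Set("X-Forwarded-For", "9.9.9.9")` (constructed value), and keep the assertion on `1.2.3.4`; that catches a regression where a client-supplied XFF wins over the proxy's header. A second case with the custom header absent or unparseable would document the fallback by asserting which address the visitor ends up with; the implementation is not visible in this hunk, so presumably that is the remote address. The discarded error in `r, _ := http.NewRequest("GET", "/bla", nil)` could be checked with `require.Nil(t, err)` too.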