Limit X-Forwarded-For headers to approved CIDR blocks only

[robd003]

Title: Ignore X-Forwarded-For unless client IP is in approved ACL of CIDR blocks

Description: The issue with relying on X-Forwarded-For is that those can be forged easily. If there was a way to restrict the existing X-Forwarded-* headers so they only applied to certain IP ranges that would be great. If we could have a built-in option to dynamically load IP ranges from CloudFlare upon start (with a refresh once a week) that would be a really fantastic solution.

[optional Relevant Links:]
https://datatracker.ietf.org/doc/html/rfc7239
https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-visitor-ips/
https://www.cloudflare.com/ips/

[wbpcode]

Basically, a trusty hop should be set to select a IP from the xff list. By this way, we can ensure the IP should be a trusty IP. Is there any reason that this trusty hop couldn't be used or cannot meet your requirement?

And the original_ip_detection now is an extendable extension point. You can create a new extension for you requirement or extend current xff extension.

[github-actions]

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.

[github-actions]

This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions.