Issue 009: Harden client IP extraction for trusted proxy setups
Area: Backend
Priority: High
Files: services/api/src/security.rs, services/api/src/handlers.rs
Problem
The x-forwarded-for header is trusted without any proxy trust boundary, regardless of where the request came from. Attackers can spoof their IP to bypass rate limiting and IP whitelisting.
Acceptance Criteria
- Trusted proxy CIDRs are configurable
- Spoofed headers are ignored for untrusted sources
- Tests cover direct and proxied deployments
- Documentation explains proxy configuration
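
One way to satisfy the first two criteria, as an added example that is not the project's code in services/api/src/security.rs. `Cidr`, `bits` and `client_ip` are hypothetical names, and the header value is assumed to be all x-forwarded-for lines joined with commas in arrival order.

```rust
use std::net::IpAddr;

/// Trusted proxy network such as "10.0.0.0/8" (hypothetical type for this example).
struct Cidr { net: IpAddr, prefix: u32 }

/// Address as an integer plus its bit width, so IPv4 and IPv6 share one prefix comparison.
fn bits(ip: IpAddr) -> (u128, u32) {
    match ip {
        IpAddr::V4(a) => (u32::from(a) as u128, 32),
        IpAddr::V6(a) => (u128::from(a), 128),
    }
}

impl Cidr {
    fn parse(s: &str) -> Option<Cidr> {
        let (addr, len) = s.split_once('/')?;
        let (net, prefix) = (addr.trim().parse::<IpAddr>().ok()?, len.trim().parse::<u32>().ok()?);
        (prefix <= bits(net).1).then_some(Cidr { net, prefix })
    }
    fn contains(&self, ip: IpAddr) -> bool {
        let ((n, w), (a, w2)) = (bits(self.net), bits(ip));
        w == w2 && (self.prefix == 0 || (n ^ a) >> (w - self.prefix) == 0)
    }
}

/// Socket peer unless it is a trusted proxy; then x-forwarded-for is walked
/// right to left and the first hop outside the trusted CIDRs is the client.
fn client_ip(peer: IpAddr, xff: Option<&str>, trusted: &[Cidr]) -> IpAddr {
    let is_trusted = |ip: IpAddr| trusted.iter().any(|c| c.contains(ip));
    if !is_trusted(peer) { return peer; } // direct connection: header is client-controlled
    let mut candidate = peer;
    for hop in xff.unwrap_or("").rsplit(',') {
        match hop.trim().parse::<IpAddr>() {
            Ok(ip) => {
                candidate = ip;
                if !is_trusted(ip) { break; } // first untrusted hop is the client
            }
            Err(_) => break, // malformed entry: keep the last hop that parsed
        }
    }
    candidate
}

fn main() {
    // Constructed sample: proxy at 10.0.0.5 appended 203.0.113.7; "1.2.3.4" was client-supplied.
    let trusted = [Cidr::parse("10.0.0.0/8").unwrap()];
    let ip = client_ip("10.0.0.5".parse().unwrap(), Some("1.2.3.4, 203.0.113.7"), &trusted);
    println!("{ip}");
}
```

With an empty trusted list the function always returns the socket peer, which is the safe default for direct deployments.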