uvicorn 0.30.6__py3-none-any.whl → 0.31.0__py3-none-any.whl

uvicorn/__init__.py

@@ -1,5 +1,5 @@
 from uvicorn.config import Config
 from uvicorn.main import Server, main, run
 
-__version__ = "0.30.6"
+__version__ = "0.31.0"
 __all__ = ["main", "run", "Config", "Server"]

uvicorn/main.py

@@ -240,8 +240,10 @@ def print_version(ctx: click.Context, param: click.Parameter, value: bool) -> No
     "--forwarded-allow-ips",
     type=str,
     default=None,
-    help="Comma separated list of IPs to trust with proxy headers. Defaults to"
-    " the $FORWARDED_ALLOW_IPS environment variable if available, or '127.0.0.1'.",
+    help="Comma separated list of IP Addresses, IP Networks, or literals "
+    "(e.g. UNIX Socket path) to trust with proxy headers. Defaults to the "
+    "$FORWARDED_ALLOW_IPS environment variable if available, or '127.0.0.1'. "
+    "The literal '*' means trust everything.",
 )
 @click.option(
     "--root-path",

uvicorn/middleware/proxy_headers.py

@@ -1,70 +1,142 @@
-"""
-This middleware can be used when a known proxy is fronting the application,
-and is trusted to be properly setting the `X-Forwarded-Proto` and
-`X-Forwarded-For` headers with the connecting client information.
+from __future__ import annotations
 
-Modifies the `client` and `scheme` information so that they reference
-the connecting client, rather that the connecting proxy.
+import ipaddress
 
-https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers#Proxies
-"""
+from uvicorn._types import ASGI3Application, ASGIReceiveCallable, ASGISendCallable, Scope
 
-from __future__ import annotations
 
-from typing import Union, cast
+class ProxyHeadersMiddleware:
+    """Middleware for handling known proxy headers
 
-from uvicorn._types import ASGI3Application, ASGIReceiveCallable, ASGISendCallable, HTTPScope, Scope, WebSocketScope
+    This middleware can be used when a known proxy is fronting the application,
+    and is trusted to be properly setting the `X-Forwarded-Proto` and
+    `X-Forwarded-For` headers with the connecting client information.
 
+    Modifies the `client` and `scheme` information so that they reference
+    the connecting client, rather that the connecting proxy.
 
-class ProxyHeadersMiddleware:
-    def __init__(
-        self,
-        app: ASGI3Application,
-        trusted_hosts: list[str] | str = "127.0.0.1",
-    ) -> None:
+    References:
+    - <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers#Proxies>
+    - <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For>
+    """
+
+    def __init__(self, app: ASGI3Application, trusted_hosts: list[str] | str = "127.0.0.1") -> None:
         self.app = app
-        if isinstance(trusted_hosts, str):
-            self.trusted_hosts = {item.strip() for item in trusted_hosts.split(",")}
-        else:
-            self.trusted_hosts = set(trusted_hosts)
-        self.always_trust = "*" in self.trusted_hosts
+        self.trusted_hosts = _TrustedHosts(trusted_hosts)
 
-    def get_trusted_client_host(self, x_forwarded_for_hosts: list[str]) -> str | None:
-        if self.always_trust:
-            return x_forwarded_for_hosts[0]
+    async def __call__(self, scope: Scope, receive: ASGIReceiveCallable, send: ASGISendCallable) -> None:
+        if scope["type"] == "lifespan":
+            return await self.app(scope, receive, send)
 
-        for host in reversed(x_forwarded_for_hosts):
-            if host not in self.trusted_hosts:
-                return host
+        client_addr = scope.get("client")
+        client_host = client_addr[0] if client_addr else None
 
-        return None  # pragma: full coverage
+        if client_host in self.trusted_hosts:
+            headers = dict(scope["headers"])
 
-    async def __call__(self, scope: Scope, receive: ASGIReceiveCallable, send: ASGISendCallable) -> None:
-        if scope["type"] in ("http", "websocket"):
-            scope = cast(Union["HTTPScope", "WebSocketScope"], scope)
-            client_addr: tuple[str, int] | None = scope.get("client")
-            client_host = client_addr[0] if client_addr else None
-
-            if self.always_trust or client_host in self.trusted_hosts:
-                headers = dict(scope["headers"])
-
-                if b"x-forwarded-proto" in headers:
-                    # Determine if the incoming request was http or https based on
-                    # the X-Forwarded-Proto header.
-                    x_forwarded_proto = headers[b"x-forwarded-proto"].decode("latin1").strip()
+            if b"x-forwarded-proto" in headers:
+                x_forwarded_proto = headers[b"x-forwarded-proto"].decode("latin1").strip()
+
+                if x_forwarded_proto in {"http", "https", "ws", "wss"}:
                     if scope["type"] == "websocket":
                         scope["scheme"] = x_forwarded_proto.replace("http", "ws")
                     else:
                         scope["scheme"] = x_forwarded_proto
 
-                if b"x-forwarded-for" in headers:
-                    # Determine the client address from the last trusted IP in the
-                    # X-Forwarded-For header. We've lost the connecting client's port
-                    # information by now, so only include the host.
-                    x_forwarded_for = headers[b"x-forwarded-for"].decode("latin1")
-                    x_forwarded_for_hosts = [item.strip() for item in x_forwarded_for.split(",")]
-                    host = self.get_trusted_client_host(x_forwarded_for_hosts)
+            if b"x-forwarded-for" in headers:
+                x_forwarded_for = headers[b"x-forwarded-for"].decode("latin1")
+                host = self.trusted_hosts.get_trusted_client_host(x_forwarded_for)
+
+                if host:
+                    # If the x-forwarded-for header is empty then host is an empty string.
+                    # Only set the client if we actually got something usable.
+                    # See: https://github.com/encode/uvicorn/issues/1068
+
+                    # We've lost the connecting client's port information by now,
+                    # so only include the host.
                     port = 0
-                    scope["client"] = (host, port)  # type: ignore[arg-type]
+                    scope["client"] = (host, port)
 
         return await self.app(scope, receive, send)
+
+
+def _parse_raw_hosts(value: str) -> list[str]:
+    return [item.strip() for item in value.split(",")]
+
+
+class _TrustedHosts:
+    """Container for trusted hosts and networks"""
+
+    def __init__(self, trusted_hosts: list[str] | str) -> None:
+        self.always_trust: bool = trusted_hosts == "*"
+
+        self.trusted_literals: set[str] = set()
+        self.trusted_hosts: set[ipaddress.IPv4Address | ipaddress.IPv6Address] = set()
+        self.trusted_networks: set[ipaddress.IPv4Network | ipaddress.IPv6Network] = set()
+
+        # Notes:
+        # - We separate hosts from literals as there are many ways to write
+        #   an IPv6 Address so we need to compare by object.
+        # - We don't convert IP Address to single host networks (e.g. /32 / 128) as
+        #   it more efficient to do an address lookup in a set than check for
+        #   membership in each network.
+        # - We still allow literals as it might be possible that we receive a
+        #   something that isn't an IP Address e.g. a unix socket.
+
+        if not self.always_trust:
+            if isinstance(trusted_hosts, str):
+                trusted_hosts = _parse_raw_hosts(trusted_hosts)
+
+            for host in trusted_hosts:
+                # Note: because we always convert invalid IP types to literals it
+                # is not possible for the user to know they provided a malformed IP
+                # type - this may lead to unexpected / difficult to debug behaviour.
+
+                if "/" in host:
+                    # Looks like a network
+                    try:
+                        self.trusted_networks.add(ipaddress.ip_network(host))
+                    except ValueError:
+                        # Was not a valid IP Network
+                        self.trusted_literals.add(host)
+                else:
+                    try:
+                        self.trusted_hosts.add(ipaddress.ip_address(host))
+                    except ValueError:
+                        # Was not a valid IP Address
+                        self.trusted_literals.add(host)
+
+    def __contains__(self, host: str | None) -> bool:
+        if self.always_trust:
+            return True
+
+        if not host:
+            return False
+
+        try:
+            ip = ipaddress.ip_address(host)
+            if ip in self.trusted_hosts:
+                return True
+            return any(ip in net for net in self.trusted_networks)
+
+        except ValueError:
+            return host in self.trusted_literals
+
+    def get_trusted_client_host(self, x_forwarded_for: str) -> str:
+        """Extract the client host from x_forwarded_for header
+
+        In general this is the first "untrusted" host in the forwarded for list.
+        """
+        x_forwarded_for_hosts = _parse_raw_hosts(x_forwarded_for)
+
+        if self.always_trust:
+            return x_forwarded_for_hosts[0]
+
+        # Note: each proxy appends to the header list so check it in reverse order
+        for host in reversed(x_forwarded_for_hosts):
+            if host not in self:
+                return host
+
+        # All hosts are trusted meaning that the client was also a trusted proxy
+        # See https://github.com/encode/uvicorn/issues/1068#issuecomment-855371576
+        return x_forwarded_for_hosts[0]

{uvicorn-0.30.6.dist-info → uvicorn-0.31.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: uvicorn
-Version: 0.30.6
+Version: 0.31.0
 Summary: The lightning-fast ASGI server.
 Project-URL: Changelog, https://github.com/encode/uvicorn/blob/master/CHANGELOG.md
 Project-URL: Funding, https://github.com/sponsors/encode

{uvicorn-0.30.6.dist-info → uvicorn-0.31.0.dist-info}/RECORD

@@ -1,11 +1,11 @@
-uvicorn/__init__.py,sha256=o3l1sMdW81iZNyIR--S-G0OX1ua9vRy24ml-4PSD9H4,147
+uvicorn/__init__.py,sha256=C-q5FbOk-czeRzwHSldRMGQJKWQE5uLkJc9U3BvMCb8,147
 uvicorn/__main__.py,sha256=DQizy6nKP0ywhPpnCHgmRDYIMfcqZKVEzNIWQZjqtVQ,62
 uvicorn/_subprocess.py,sha256=HbfRnsCkXyg7xCWVAWWzXQTeWlvLKfTlIF5wevFBkR4,2766
 uvicorn/_types.py,sha256=TcUzCyKNq90ZX2Hxa6ce0juF558zLO_AyBB1XijnD2Y,7814
 uvicorn/config.py,sha256=4PZiIBMV8Bu8pNq63-P3pv5ynyEGz-K0aVoC98Y5hrQ,20830
 uvicorn/importer.py,sha256=nRt0QQ3qpi264-n_mR0l55C2ddM8nowTNzT1jsWaam8,1128
 uvicorn/logging.py,sha256=sg4D9lHaW_kKQj_kmP-bolbChjKfhBuihktlWp8RjSI,4236
-uvicorn/main.py,sha256=jmZOCNq5frbWmlflJpGJ1wpqPxlXTDxcN8bGm2TQfSo,16783
+uvicorn/main.py,sha256=zWgYECz0qZh0kj0Y-IoF0AthvohKz9hmzqMyDEOwa80,16896
 uvicorn/py.typed,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
 uvicorn/server.py,sha256=pIpMlW1WMWxarhM3wuZrffX0OcTEKoZXA82oY_M25d8,12879
 uvicorn/workers.py,sha256=DukTKlrCyyvWVHbJWBJflIV2yUe-q6KaGdrEwLrNmyc,3893
@@ -19,7 +19,7 @@ uvicorn/loops/uvloop.py,sha256=K4QybYVxtK9C2emDhDPUCkBXR4XMT5Ofv9BPFPoX0ok,148
 uvicorn/middleware/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 uvicorn/middleware/asgi2.py,sha256=YQrQNm3RehFts3mzk3k4yw8aD8Egtj0tRS3N45YkQa0,394
 uvicorn/middleware/message_logger.py,sha256=IHEZUSnFNaMFUFdwtZO3AuFATnYcSor-gVtOjbCzt8M,2859
-uvicorn/middleware/proxy_headers.py,sha256=McSfCWvhMEFOTkUbQWgnt9QCBIAY9RfFSaEZboBbAYg,3065
+uvicorn/middleware/proxy_headers.py,sha256=fUMuYPOA23IJ3zQQBv5GOV1g8yu6hA5RpXhOXgnFu7Y,5781
 uvicorn/middleware/wsgi.py,sha256=TBeG4W_gEmWddbGfWyxdzJ0IDaWWkJZyF8eIp-1fv0U,7111
 uvicorn/protocols/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 uvicorn/protocols/utils.py,sha256=rCjYLd4_uwPeZkbRXQ6beCfxyI_oYpvJCwz3jEGNOiE,1849
@@ -38,8 +38,8 @@ uvicorn/supervisors/multiprocess.py,sha256=Opt0XvOUj1DIMXYwb4OlkJZxeh_RjweFnTmDP
 uvicorn/supervisors/statreload.py,sha256=gc-HUB44f811PvxD_ZIEQYenM7mWmhQQjYg7KKQ1c5o,1542
 uvicorn/supervisors/watchfilesreload.py,sha256=41FGNMXPKrKvPr-5O8yRWg43l6OCBtapt39M-gpdk0E,3010
 uvicorn/supervisors/watchgodreload.py,sha256=kd-gOvp14ArTNIc206Nt5CEjZZ4NP2UmMVYE7571yRQ,5486
-uvicorn-0.30.6.dist-info/METADATA,sha256=8mHWCwo1g631l-1XL1Km8_W6ik_qHHawLJfb792sKF4,6569
-uvicorn-0.30.6.dist-info/WHEEL,sha256=1yFddiXMmvYK7QYTqtRNtX66WJ0Mz8PYEiEUoOUUxRY,87
-uvicorn-0.30.6.dist-info/entry_points.txt,sha256=FW1w-hkc9QgwaGoovMvm0ZY73w_NcycWdGAUfDsNGxw,46
-uvicorn-0.30.6.dist-info/licenses/LICENSE.md,sha256=7-Gs8-YvuZwoiw7HPlp3O3Jo70Mg_nV-qZQhTktjw3E,1526
-uvicorn-0.30.6.dist-info/RECORD,,
+uvicorn-0.31.0.dist-info/METADATA,sha256=VKk1dOX3pwKhtJjjDXFzq6teX5AMs_jvlSofsXUJUrQ,6569
+uvicorn-0.31.0.dist-info/WHEEL,sha256=1yFddiXMmvYK7QYTqtRNtX66WJ0Mz8PYEiEUoOUUxRY,87
+uvicorn-0.31.0.dist-info/entry_points.txt,sha256=FW1w-hkc9QgwaGoovMvm0ZY73w_NcycWdGAUfDsNGxw,46
+uvicorn-0.31.0.dist-info/licenses/LICENSE.md,sha256=7-Gs8-YvuZwoiw7HPlp3O3Jo70Mg_nV-qZQhTktjw3E,1526
+uvicorn-0.31.0.dist-info/RECORD,,