Home / golang

how to fix golang gin warning: "you trusted all proxies this is not safe. we recommend you to set a value"

Posted on:2023-04-24 Views:8256 Words:234

When run golang gin server in my development environment, some warning message shows:

- [GIN-debug] [WARNING] You trusted all proxies, this is NOT safe. We recommend you to set a value.
Please check https://pkg.go.dev/github.com/gin-gonic/gin#readme-don-t-trust-all-proxies for details.

fix

r := gin.Default()
r.ForwardedByClientIP = true
r.SetTrustedProxies([]string{"127.0.0.1"})

Then rebuild project, and run server, no warning message, great!

error code from chatgpt

Below is response from ChatGPT, but the 3rd line code is wrong.

If you are using the Golang Gin framework and receiving the warning “you trusted all proxies this is not safe. we recommend you to set a value”, it means that your application is currently configured to trust all incoming proxy requests, which can be a security risk.

To fix this issue, you should update your Gin configuration to specify the IP addresses or networks of trusted proxy servers. This can be done by setting the TrustedProxies property in your Gin router:

router := gin.Default()
router.ForwardedByClientIP = true
router.TrustedProxies = []string{"192.168.1.2", "10.0.0.0/8"}

In the example above, we are specifying two trusted proxy server IP addresses (192.168.1.2 and any IP address within the 10.0.0.0/8 network). You should replace these values with the appropriate IP addresses or network ranges for your own environment.

Once you have updated your Gin configuration, you should no longer see the warning message and your application will be more secure against potential proxy-based attacks.