The Allowed Hosts Middleware setting is essential for security. It helps prevent HTTP Host header attacks, where a malicious user might send requests with a fake Host header to trick the server or access it under unintended domain names. Here's why Allowed Hosts Middleware is important:
The Host header in HTTP requests is typically used to determine which domain a user is trying to access. By validating this header against HOSTS, the middleware ensures that the request is coming from a trusted source.
If a web application does not restrict the hostnames it serves, attackers could exploit it through techniques like DNS rebinding to bypass security boundaries. HOSTS helps prevent these attacks by only allowing requests from explicitly trusted domains.
If a request is made with an unexpected Host header, the middleware raises a 406 NotAcceptable error. If a request is made with an untrusted Host header, it raises a 401 Unauthorized error. This provides an extra layer of security and reliability by ensuring the application only serves traffic for intended hosts.
While HOSTS is not a middleware itself, it is checked at an early stage of the request-handling process, before most middleware is even executed. When the application receives a request, it compares the Host header against HOSTS. If there is no match, the request is rejected.
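The following is an added example, not this package's implementation: it shows what a strict comparison of the Host header against an allow list has to handle (ports, letter case, trailing dots, malformed values, look-alike names). The type and function names and the sample hosts are assumptions made for illustration.

```swift
// Added example: strict Host header allow-list matching (not the library's code).
enum HostCheck: Equatable { case allowed, malformed, untrusted }

/// True for ":" followed by 1 to 5 ASCII digits.
func isPort(_ s: Substring) -> Bool {
    guard s.first == ":" else { return false }
    let digits = s.dropFirst()
    return !digits.isEmpty && digits.count <= 5
        && digits.allSatisfy { $0.isASCII && $0.isNumber }
}

/// Reduces a raw Host header value to a bare lowercase host, or nil if malformed.
func normalizedHost(_ raw: String) -> String? {
    var host = Substring(raw.lowercased())
    // Reject empty values and characters that never belong in a Host header.
    guard !host.isEmpty,
          !host.contains(where: { $0.isWhitespace || "/@\\?#,".contains($0) })
    else { return nil }
    if host.first == "[" {
        // Bracketed IPv6 literal: only an optional :port may follow the "]".
        guard let close = host.firstIndex(of: "]") else { return nil }
        let rest = host[host.index(after: close)...]
        return rest.isEmpty || isPort(rest) ? String(host[...close]) : nil
    }
    if let colon = host.lastIndex(of: ":") {
        // Whatever follows the last colon must be a numeric port.
        guard isPort(host[colon...]) else { return nil }
        host = host[..<colon]
    }
    if host.last == "." { host = host.dropLast() }  // "example.com." is the same name
    return host.isEmpty || host.contains(":") ? nil : String(host)
}

/// Exact, case-insensitive match against the allow list; no suffix or substring matching.
func check(hostHeader: String?, allowedHosts: [String]) -> HostCheck {
    guard let raw = hostHeader, let host = normalizedHost(raw) else { return .malformed }
    let allowed = Set(allowedHosts.map { $0.lowercased() })
    return allowed.contains(host) ? .allowed : .untrusted
}

// Constructed sample values, not taken from the project.
let allowed = ["first-host", "api.example.com"]
let samples = ["first-host:8080", "API.Example.com.", "api.example.com.evil.test",
               "evil.test/api.example.com", "first-host:80@evil.test"]
for sample in samples {
    print(sample, "->", check(hostHeader: sample, allowedHosts: allowed))
}
```

The first two samples are accepted, the look-alike name is reported as untrusted, and the last two are rejected as malformed before any comparison takes place.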
The latest version of AllowedHostsMiddleware requires Swift 5.9 and macOS v13 or later. You can download this version of the Swift binaries by following this link.
Add the AllowedHostsMiddleware package to the dependencies within your application’s Package.swift file. Substitute "x.x.x" with the latest AllowedHostsMiddleware release.
.package(url: "https://github.com/LLCFreedom-Space/fs-allowed-hosts-middleware.git", from: "x.x.x")
Add AllowedHostsMiddleware to your target's dependencies:
.target(name: "AllowedHostsMiddleware", dependencies: ["AllowedHostsMiddleware"]),
import AllowedHostsMiddleware
Add the AllowedHostsMiddleware package to the dependencies within your application’s Package.swift file. Substitute "name branch" with the latest AllowedHostsMiddleware release.
.package(url: "https://github.com/LLCFreedom-Space/fs-allowed-hosts-middleware.git", branch: "name branch")
Add AllowedHostsMiddleware to your target's dependencies:
.target(name: "AllowedHostsMiddleware", dependencies: ["AllowedHostsMiddleware"]),
import AllowedHostsMiddleware
An example of a method call from this library:
First, set the allowed hosts in the allowedHosts field:
app.allowedHosts = ["first-host", "second-host"]
After setup, register the middleware in your configuration:
app.middleware.use(AllowedHostsMiddleware())
To access the methods in this library, call them on the application, since this library is an extension to the application.
LLC Freedom Space – @LLCFreedomSpace – support@freedomspace.company
Distributed under the GNU AFFERO GENERAL PUBLIC LICENSE Version 3. See LICENSE.md for more information.