Summary
Improve the client rate-limiting partition key fallback used when HttpContext.Connection.RemoteIpAddress is unavailable.
Background
The current client partition key uses RemoteIpAddress?.ToString() ?? "unknown-client". While simple, the shared "unknown-client" fallback can cause unrelated requests to share the same rate-limit bucket if client IP resolution fails. In reverse-proxy/load-balancer scenarios, the more common risk is proxy aggregation: when forwarded headers are not configured or trusted correctly, every client behind the proxy is seen as the proxy's own address and all of them share one bucket.
Goals
- Preserve use of ASP.NET Core Forwarded Headers Middleware as the trusted source of client IP resolution.
- Avoid directly trusting raw X-Forwarded-For values inside the rate limiter.
- Replace or make configurable the shared "unknown-client" fallback.
- Add logging when the fallback path is used.
- Document the importance of KnownProxies / KnownNetworks and middleware ordering.
Acceptance Criteria
- Client IP partitioning continues to use HttpContext.Connection.RemoteIpAddress.
- Fallback no longer silently collapses all unresolved clients into a single shared bucket unless explicitly configured.
- A warning/debug log is emitted when client IP is unavailable.
- Documentation notes that UseForwardedHeaders() must run before middleware that depends on client IP.
- Documentation warns against trusting raw forwarded headers without trusted proxy configuration.
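A constructed Program.cs sketch of the change this issue asks for (added here as an illustration, not the project's own code): forwarded headers are trusted only from a configured proxy, UseForwardedHeaders() runs ahead of the rate limiter, a warning is logged when RemoteIpAddress is null, and the fallback is per-request unless an assumed configuration key RateLimiting:SharedUnknownClientBucket explicitly opts into the shared bucket. The proxy address and the configuration key name are assumptions.

```csharp
using System.Net;
using System.Threading.RateLimiting;
using Microsoft.AspNetCore.HttpOverrides;

var builder = WebApplication.CreateBuilder(args);

// Only accept X-Forwarded-* headers from proxies we actually run behind.
// The address is a placeholder; KnownNetworks can be used for a whole range.
builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
    options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
    options.KnownProxies.Add(IPAddress.Parse("10.0.0.5")); // placeholder proxy address
});

builder.Services.AddRateLimiter(options =>
{
    options.RejectionStatusCode = StatusCodes.Status429TooManyRequests;
    options.GlobalLimiter = PartitionedRateLimiter.Create<HttpContext, string>(httpContext =>
    {
        string key;
        var ip = httpContext.Connection.RemoteIpAddress; // already rewritten by ForwardedHeaders
        if (ip is not null)
        {
            key = ip.ToString();
        }
        else
        {
            var services = httpContext.RequestServices;
            services.GetRequiredService<ILoggerFactory>().CreateLogger("ClientRateLimiter")
                .LogWarning("Client IP unavailable for request {TraceId}; using fallback partition",
                            httpContext.TraceIdentifier);
            // Assumed config key: shared bucket only when an operator explicitly asks for it.
            // A per-request key means unresolved clients are effectively unlimited, so the
            // real fix when this path is hit behind a proxy is the proxy configuration above.
            bool shared = services.GetRequiredService<IConfiguration>()
                .GetValue<bool>("RateLimiting:SharedUnknownClientBucket");
            key = shared ? "unknown-client" : "unknown-client:" + httpContext.TraceIdentifier;
        }
        return RateLimitPartition.GetFixedWindowLimiter(key, _ => new FixedWindowRateLimiterOptions
        {
            PermitLimit = 100,
            Window = TimeSpan.FromMinutes(1),
            QueueLimit = 0
        });
    });
});

var app = builder.Build();
app.UseForwardedHeaders(); // must precede anything that reads RemoteIpAddress
app.UseRateLimiter();
app.MapGet("/", () => "ok");
app.Run();
```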