From d085bc08b868210b70e7372fe8d9142916105b84 Mon Sep 17 00:00:00 2001
From: Chris Amico <eyeseast@gmail.com>
Date: Wed, 4 Dec 2024 16:09:01 -0500
Subject: [PATCH 1/2] Add headers to tell the API who we are

---
 src/hooks.server.ts | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index a56eae4a1..83dcdddd8 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -22,7 +22,16 @@ export async function handleFetch({ event, request, fetch }) {
   if (request.url.startsWith(DC_BASE)) {
     // handle docker issues
     event.url.protocol = "https";
+
+    // pass through session cookie
     request.headers.append("cookie", event.request.headers.get("cookie") ?? "");
+
+    // tell the API who we are
+    request.headers.append("x-real-ip", event.getClientAddress());
+    request.headers.set(
+      "x-bypass-rate-limit",
+      env.BYPASS_RATE_LIMIT_SECRET ?? "",
+    );
   }
 
   return fetch(request);

From 1126df7507e6d104b60895a8a239bd7744fc1bc9 Mon Sep 17 00:00:00 2001
From: Chris Amico <eyeseast@gmail.com>
Date: Wed, 4 Dec 2024 16:18:13 -0500
Subject: [PATCH 2/2] x-forwarded-for

---
 src/hooks.server.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index 83dcdddd8..7f0e39b11 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -27,7 +27,7 @@ export async function handleFetch({ event, request, fetch }) {
     request.headers.append("cookie", event.request.headers.get("cookie") ?? "");
 
     // tell the API who we are
-    request.headers.append("x-real-ip", event.getClientAddress());
+    request.headers.append("x-forwarded-for", event.getClientAddress());
     request.headers.set(
       "x-bypass-rate-limit",
       env.BYPASS_RATE_LIMIT_SECRET ?? "",