Add Handshake::forwarded_addr() to get a trusted forwarded address

[zuckschwerdt]

The X-Forwarded-For header is implicitly untrustworthy, the need may arise to get the last trusted address in a reverse proxy chain.

This adds Handshake::forwarded_addr(trusted) and Request::forwarded_addr(trusted)
to get a address at exactly specified trusted proxy depth.

E.g. in the common example of a service behind a Apache or Nginx reverse proxy use forwarded_addr(1) to get the rightmost X-Forwarded-For header address.
Using forwarded_addr(0) will always return the direct peer address.

I'm currently using this as extension trait and it's confirmed to work well.

[peddermaster2]

This function would be helpful, if it was accessible.

Github stops me from suggesting, so I just write it out.
The #[allow(dead_code)] is not nessesary when the function gets a pub

[zuckschwerdt]

This is modelled exactly along the existing functions and API. I'd rather have this merged with no fuss than propose an new API.

[JeviScript]

Should not it say "left most address", or I am understanding it wrong ?

[zuckschwerdt]

The n'th (with n=trusted) address from the right end. Usually an address farther to the left (front) can't be trusted -- it's an arbitrary value from a proxy /client farther away from the server. E.g. if I only trust my own proxy, I want the last (right most) entry.

If a request goes through multiple proxies, the IP addresses of each successive proxy is listed. This means, the right-most IP address is the IP address of the most recent proxy and the left-most IP address is the IP address of the originating client.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#Directives

[JeviScript]

Huge thanks for the explanation. Also, I must be blind, cos I did not notice rsplit instead of split. So, apologies, my bad.