Support for trusted proxies in ForwardedRequestCustomizer

[netomi]

I added some comment this this closed issue:

#5484 (comment)

its outlining a use-case for NOT using getLeftMost() to extract the remote IP address, but instead add a configuration for trusted / internal proxies and you take the first value left of the last trusted proxy.

Tomcat has support for that and it would be great if this would also be builtin into jetty.

From a security review I got the feedback that this is one of the most detected attack vectors in virtually any review where there is no proper sanitization of the mechanism to get the remote address of a request.

WDYT?

[netomi]

the solution that we use right now is to not rely on the way the forwarded headers are analysed but rather configure that on the proxy itself (use an explicit X-Real-IP header set to the $remote_addr), however it would be useful to be able to entirely configure that with the app instead of ensuring that configuration at different places are in sync, especially considering cloud setups where this could prove difficult.