Obsolete Microsoft.AspNetCore.HttpOverrides.IPNetwork (#62490)

Author: WeihanLi

src/DefaultBuilder/src/ForwardedHeadersOptionsSetup.cs

@@ -27,7 +27,10 @@ public void Configure(ForwardedHeadersOptions options)
         options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
         // Only loopback proxies are allowed by default. Clear that restriction because forwarders are
         // being enabled by explicit configuration.
+#pragma warning disable ASPDEPR005 // KnownNetworks is obsolete
         options.KnownNetworks.Clear();
+#pragma warning restore ASPDEPR005 // KnownNetworks is obsolete
+        options.KnownIPNetworks.Clear();
         options.KnownProxies.Clear();
     }
 }

src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs

@@ -213,7 +213,11 @@ public void ApplyForwarders(HttpContext context)
             // Host and Scheme initial values are never inspected, no need to set them here.
         };
 
-        var checkKnownIps = _options.KnownNetworks.Count > 0 || _options.KnownProxies.Count > 0;
+        var checkKnownIps = _options.KnownIPNetworks.Count > 0
+#pragma warning disable ASPDEPR005 // KnownNetworks is obsolete
+            || _options.KnownNetworks.Count > 0
+#pragma warning restore ASPDEPR005 // KnownNetworks is obsolete
+            || _options.KnownProxies.Count > 0;
         bool applyChanges = false;
         int entriesConsumed = 0;
 
@@ -399,13 +403,22 @@ private bool CheckKnownAddress(IPAddress address)
         {
             return true;
         }
+        foreach (var network in _options.KnownIPNetworks)
+        {
+            if (network.Contains(address))
+            {
+                return true;
+            }
+        }
+#pragma warning disable ASPDEPR005 // KnownNetworks is obsolete
         foreach (var network in _options.KnownNetworks)
         {
             if (network.Contains(address))
             {
                 return true;
             }
         }
+#pragma warning restore ASPDEPR005 // KnownNetworks is obsolete
         return false;
     }
 

src/Middleware/HttpOverrides/src/ForwardedHeadersOptions.cs

@@ -2,7 +2,9 @@
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using Microsoft.AspNetCore.HttpOverrides;
+using AspNetIPNetwork = Microsoft.AspNetCore.HttpOverrides.IPNetwork;
 using IPAddress = System.Net.IPAddress;
+using IPNetwork = System.Net.IPNetwork;
 
 namespace Microsoft.AspNetCore.Builder;
 
@@ -82,8 +84,15 @@ public class ForwardedHeadersOptions
 
     /// <summary>
     /// Address ranges of known proxies to accept forwarded headers from.
+    /// Obsolete, please use <see cref="KnownIPNetworks"/> instead
     /// </summary>
-    public IList<IPNetwork> KnownNetworks { get; } = new List<IPNetwork>() { new IPNetwork(IPAddress.Loopback, 8) };
+    [Obsolete("Please use KnownIPNetworks instead. For more information, visit https://aka.ms/aspnet/deprecate/005.", DiagnosticId = "ASPDEPR005")]
+    public IList<AspNetIPNetwork> KnownNetworks { get; } = new List<AspNetIPNetwork>() { new(IPAddress.Loopback, 8) };
+
+    /// <summary>
+    /// Address ranges of known proxies to accept forwarded headers from.
+    /// </summary>
+    public IList<IPNetwork> KnownIPNetworks { get; } = new List<IPNetwork>() { new(IPAddress.Loopback, 8) };
 
     /// <summary>
     /// The allowed values from x-forwarded-host. If the list is empty then all hosts are allowed.

src/Middleware/HttpOverrides/src/IPNetwork.cs

@@ -9,7 +9,9 @@ namespace Microsoft.AspNetCore.HttpOverrides;
 
 /// <summary>
 /// A representation of an IP network based on CIDR notation.
+/// Please use <see cref="System.Net.IPNetwork"/> instead
 /// </summary>
+[Obsolete("Please use System.Net.IPNetwork instead. For more information, visit https://aka.ms/aspnet/deprecate/005.", DiagnosticId = "ASPDEPR005")]
 public class IPNetwork
 {
     /// <summary>

src/Middleware/HttpOverrides/src/PublicAPI.Unshipped.txt

@@ -1 +1,2 @@
 #nullable enable
+Microsoft.AspNetCore.Builder.ForwardedHeadersOptions.KnownIPNetworks.get -> System.Collections.Generic.IList<System.Net.IPNetwork>!

src/Middleware/HttpOverrides/test/ForwardedHeadersMiddlewareTest.cs

@@ -120,7 +120,10 @@ public async Task XForwardedForForwardLimit(int limit, string header, string exp
                         ForwardLimit = limit,
                     };
                     options.KnownProxies.Clear();
+#pragma warning disable ASPDEPR005 // KnownNetworks is obsolete
                     options.KnownNetworks.Clear();
+#pragma warning restore ASPDEPR005 // KnownNetworks is obsolete
+                    options.KnownIPNetworks.Clear();
                     app.UseForwardedHeaders(options);
                 });
             }).Build();
@@ -861,7 +864,10 @@ public async Task XForwardedProtoOverrideLimitedByLoopback(string protoHeader, s
                     };
                     if (!loopback)
                     {
+#pragma warning disable ASPDEPR005 // KnownNetworks is obsolete
                         options.KnownNetworks.Clear();
+#pragma warning restore ASPDEPR005 // KnownNetworks is obsolete
+                        options.KnownIPNetworks.Clear();
                         options.KnownProxies.Clear();
                     }
                     app.UseForwardedHeaders(options);
@@ -888,7 +894,7 @@ public void AllForwardsDisabledByDefault()
         var options = new ForwardedHeadersOptions();
         Assert.True(options.ForwardedHeaders == ForwardedHeaders.None);
         Assert.Equal(1, options.ForwardLimit);
-        Assert.Single(options.KnownNetworks);
+        Assert.Single(options.KnownIPNetworks);
         Assert.Single(options.KnownProxies);
     }
 
@@ -1092,7 +1098,7 @@ public async Task XForwardForIPv4ToIPv6Mapping(string forHeader, string knownPro
             var knownNetworkParts = knownNetwork.Split('/');
             var networkIp = IPAddress.Parse(knownNetworkParts[0]);
             var prefixLength = int.Parse(knownNetworkParts[1], CultureInfo.InvariantCulture);
-            options.KnownNetworks.Add(new IPNetwork(networkIp, prefixLength));
+            options.KnownIPNetworks.Add(new System.Net.IPNetwork(networkIp, prefixLength));
         }
 
         using var host = new HostBuilder()
@@ -1134,7 +1140,10 @@ public async Task ForwardersWithDIOptionsRunsOnce(int limit, string header, stri
                     {
                         options.ForwardedHeaders = ForwardedHeaders.XForwardedProto;
                         options.KnownProxies.Clear();
+#pragma warning disable ASPDEPR005 // KnownNetworks is obsolete
                         options.KnownNetworks.Clear();
+#pragma warning restore ASPDEPR005 // KnownNetworks is obsolete
+                        options.KnownIPNetworks.Clear();
                         options.ForwardLimit = limit;
                     });
                 })
@@ -1176,7 +1185,10 @@ public async Task ForwardersWithDirectOptionsRunsTwice(int limit, string header,
                         ForwardLimit = limit,
                     };
                     options.KnownProxies.Clear();
+#pragma warning disable ASPDEPR005 // KnownNetworks is obsolete
                     options.KnownNetworks.Clear();
+#pragma warning restore ASPDEPR005 // KnownNetworks is obsolete
+                    options.KnownIPNetworks.Clear();
                     app.UseForwardedHeaders(options);
                     app.UseForwardedHeaders(options);
                 });

src/Middleware/HttpOverrides/test/IPNetworkTest.cs

@@ -4,6 +4,7 @@
 
 namespace Microsoft.AspNetCore.HttpOverrides;
 
+[Obsolete("Microsoft.AspNetCore.HttpOverrides.IPNetwork is obsolete. For more information, visit https://aka.ms/aspnet/deprecate/005.", DiagnosticId = "ASPDEPR005")]
 public class IPNetworkTest
 {
     [Theory]