From a2aa4e81816c6447a78c2251b82976068e217005 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20My=C5=9Bliwiec?= <mail@kamilmysliwiec.com>
Date: Fri, 18 Oct 2024 12:59:07 +0200
Subject: [PATCH] chore: improve wording

---
 .swp                              | Bin 12288 -> 0 bytes
 content/security/rate-limiting.md |  57 +++++++++++++++++++++---------
 2 files changed, 41 insertions(+), 16 deletions(-)
 delete mode 100644 .swp

diff --git a/.swp b/.swp
deleted file mode 100644
index 2cab0a0dc2524e21d670623d88491f5894f84db4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 12288
zcmeI%u};G<5C&iu#DEw;@B#-6U1(KW26zMpB!(7NT<6kQP2<QutL?;_@Ju`sPH6{_
z+O?|mTS`v8Sa<d(Wr#BFy*<CsW4Eu;xM*&_!+)QsG8!E=i5+pZt}`rbHGS1tXZY~c
z+p!vtAOL~=2%L@v{rlC+d3$qBSC^yxYy({(009U<00Izz00bZafxQSw-BO>a^U=Ed
z@jABt#q|^c0uX=z1Rwwb2tWV=5P$##AOL{_6wsMcXXi={($)O`-+cdnrTP0Ne}L!0
zmLUKE2tWV=5P$##AOHafKmY<;1xOt6qV^mDg*a)~-qq}7Nr8nj$AKy*v?a|88{~u7
zd*{{PLK6<c8O30$3AJ@ycT>SO%~%ST-4V^LDQLW;jB_1JA(Fzoc_1YPr@ki6xDqYa
zRW#RuVijVZTVqqU*>Z@+aL8l1Bs;51ZdRufyecD7HeFL|(<C?@P}o<xq?DhkALvtT
AHUIzs

diff --git a/content/security/rate-limiting.md b/content/security/rate-limiting.md
index 53c743c317..c96cd22e8a 100644
--- a/content/security/rate-limiting.md
+++ b/content/security/rate-limiting.md
@@ -103,26 +103,41 @@ findAll() {
 
 #### Proxies
 
-If your application runs behind a proxy server, check the specific HTTP adapter options ([express](http://expressjs.com/en/guide/behind-proxies.html) and [fastify](https://www.fastify.io/docs/latest/Reference/Server/#trustproxy)) for the `trust proxy` option and enable it. 
-The following example enables `trust proxy` for the `express` adapter:
+If your application is running behind a proxy server, it’s essential to configure the HTTP adapter to trust the proxy. You can refer to the specific HTTP adapter options for [Express](http://expressjs.com/en/guide/behind-proxies.html) and [Fastify](https://www.fastify.io/docs/latest/Reference/Server/#trustproxy) to enable the `trust proxy` setting.
+
+Here's an example that demonstrates how to enable `trust proxy` for the Express adapter:
 
 ```typescript
-//main.ts
+@@filename(main.ts)
 import { NestFactory } from '@nestjs/core';
 import { AppModule } from './app.module';
-import { NestExpressApplication } from "@nestjs/platform-express"
+import { NestExpressApplication } from '@nestjs/platform-express';
+
 async function bootstrap() {
   const app = await NestFactory.create<NestExpressApplication>(AppModule);
-  app.set('trust proxy', 'loopback') // specify a single subnet
-  await app.listen(3000)
+  app.set('trust proxy', 'loopback'); // Trust requests from the loopback address
+  await app.listen(3000);
 }
+
+bootstrap();
+@@switch
+import { NestFactory } from '@nestjs/core';
+import { AppModule } from './app.module';
+import { NestExpressApplication } from '@nestjs/platform-express';
+
+async function bootstrap() {
+  const app = await NestFactory.create(AppModule);
+  app.set('trust proxy', 'loopback'); // Trust requests from the loopback address
+  await app.listen(3000);
+}
+
 bootstrap();
 ```
 
-Doing so will allow you to get the original IP address from the `X-Forwarded-For` header, and you can override the `getTracker()` method to pull the value from the header rather than from `req.ip`. The following example works with both express and fastify:
+Enabling `trust proxy` allows you to retrieve the original IP address from the `X-Forwarded-For` header. You can also customize the behavior of your application by overriding the `getTracker()` method to extract the IP address from this header instead of relying on `req.ip`. The following example demonstrates how to achieve this for both Express and Fastify:
 
 ```typescript
-// throttler-behind-proxy.guard.ts
+@@filename(throttler-behind-proxy.guard)
 import { ThrottlerGuard } from '@nestjs/throttler';
 import { Injectable } from '@nestjs/common';
 
@@ -132,11 +147,6 @@ export class ThrottlerBehindProxyGuard extends ThrottlerGuard {
     return req.ips.length ? req.ips[0] : req.ip; // individualize IP extraction to meet your own needs
   }
 }
-
-// app.controller.ts
-import { ThrottlerBehindProxyGuard } from './throttler-behind-proxy.guard';
-
-@UseGuards(ThrottlerBehindProxyGuard)
 ```
 
 > info **Hint** You can find the API of the `req` Request object for express [here](https://expressjs.com/en/api.html#req.ips) and for fastify [here](https://www.fastify.io/docs/latest/Reference/Request/).
@@ -149,15 +159,30 @@ This module can work with websockets, but it requires some class extension. You
 @Injectable()
 export class WsThrottlerGuard extends ThrottlerGuard {
   async handleRequest(requestProps: ThrottlerRequest): Promise<boolean> {
-    const { context, limit, ttl, throttler, blockDuration, getTracker, generateKey } = requestProps;
+    const {
+      context,
+      limit,
+      ttl,
+      throttler,
+      blockDuration,
+      getTracker,
+      generateKey,
+    } = requestProps;
 
     const client = context.switchToWs().getClient();
     const tracker = client._socket.remoteAddress;
     const key = generateKey(context, tracker, throttler.name);
     const { totalHits, timeToExpire, isBlocked, timeToBlockExpire } =
-      await this.storageService.increment(key, ttl, limit, blockDuration, throttler.name);
+      await this.storageService.increment(
+        key,
+        ttl,
+        limit,
+        blockDuration,
+        throttler.name,
+      );
 
-    const getThrottlerSuffix = (name: string) => (name === 'default' ? '' : `-${name}`);
+    const getThrottlerSuffix = (name: string) =>
+      name === 'default' ? '' : `-${name}`;
 
     // Throw an error when the user reached their limit.
     if (isBlocked) {