# Express Trust Proxy Configuration

- ID: javascript-express-trust-proxy
- Severity: MEDIUM
- Languages: JavaScript, TypeScript
- Frameworks: express

## Description

Detects missing 'trust proxy' setting when using rate limiting or IP-based security behind a proxy.

## Detection Message

Application uses IP-based controls but lacks 'trust proxy' configuration

## Remediation

Configure Express to trust proxy headers when deployed behind a proxy/load balancer.
Example: app.set('trust proxy', 1);

## Documentation

[object Object]

## Related Rules

- **Docker Build Optimization and Best Practices** [LOW]: 
- **Docker Compose Obsolete Version Field** [LOW]: 
- **Docker File Operations Best Practices** [LOW]: 
- **Invalid Port Number in EXPOSE** [ERROR]: 
- **Multiple ENTRYPOINT Instructions** [MEDIUM]: