http_proxy_to_wsgi should handle the X-Forwarded-For header or the "for=" component in the Forwarded header
Bug #1621267 reported by
Guang Yee
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
oslo.middleware |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The X-Forwarded-For header or the "for=" components in the Forwarded header (per RFC 7239) is essential for applications to keep track of the originating peer IP. CADF, for example, is relying on REMOTE_ADDR to keep track of the real client address.
If either header is present, http_proxy_to_wsig should properly replace the REMOTE_ADDR with the real client address.
To post a comment you must log in.
Looks like this is done: https:/ /github. com/openstack/ oslo.middleware /blob/880f29d72 e436ab3a63a62c8 2c2f23d2a94b1a0 1/oslo_ middleware/ http_proxy_ to_wsgi. py#L73