3 Commits (1a02cd7e33fd188af8596c4ff45483a224209349)

Author	SHA1	Message	Date
Glenn Strauss	371e1bf723	[mod_extforward] support Forwarded HTTP Extension (#2703) ... enable with, e.g.: extforward.headers = ( "Forwarded" ) or extforward.headers = ( "Forwarded", "X-Forwarded-For" ) or extforward.headers = ( "Forwarded", "X-Forwarded-For", "Forwarded-For" ) The default remains: extforward.headers = ( "X-Forwarded-For", "Forwarded-For" ) Support for "Forwarded" is not enabled by default since intermediate proxies might not be aware of Forwarded, and might therefore pass spoofed Forwarded header received from client. extforward.params = ( # overwrite "Host" with Forwarded value #"host" => 1 # set REMOTE_USER with Forwarded value #"remote_user" => 1 ) Note: be cautious configuring trusted proxies if enabling these options since Forwarded header may be spoofed and passed along indescriminantly by proxies which do not handle Forwarded. To remove "Forwarded" from incoming requests, do not enable these options and instead use mod_setenv to clear the request header: setenv.set-request-header = ( "Forwarded" => "" ) Other proxy-related headers which admin might evaluate to keep or clear: setenv.set-request-header = ( "X-Forwarded-For" => "", "X-Forwarded-By" => "", "X-Forwarded-Server" => "", "X-Origin-IP" => "", "Via" => "", #... ) x-ref: "Forwarded HTTP Extension" https://tools.ietf.org/html/rfc7239 "Forward authenticated user to proxied requests" https://redmine.lighttpd.net/issues/2703	6 years ago
Elan Ruusamäe	cde46f6a3d	- support chained proxies in mod_extforward (#1528) ... git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2061 152afb58-edef-0310-8abb-c4023f1b3aa9	16 years ago
Elan Ruusamäe	b6d6b82b70	- add test for extforward module ... git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2044 152afb58-edef-0310-8abb-c4023f1b3aa9	16 years ago