lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
lighttpd1.4/tests
History
Glenn Strauss 371e1bf723 [mod_extforward] support Forwarded HTTP Extension (#2703) 
enable with, e.g.:
extforward.headers = ( "Forwarded" )
or
extforward.headers = ( "Forwarded", "X-Forwarded-For" )
or
extforward.headers = ( "Forwarded", "X-Forwarded-For", "Forwarded-For" )

The default remains:
extforward.headers = ( "X-Forwarded-For", "Forwarded-For" )

Support for "Forwarded" is not enabled by default since intermediate
proxies might not be aware of Forwarded, and might therefore pass
spoofed Forwarded header received from client.

extforward.params = ( # overwrite "Host" with Forwarded value
                      #"host" => 1
                      # set REMOTE_USER with Forwarded value
                      #"remote_user" => 1
                    )
Note: be cautious configuring trusted proxies if enabling these options
since Forwarded header may be spoofed and passed along indescriminantly
by proxies which do not handle Forwarded.

To remove "Forwarded" from incoming requests, do not enable these
options and instead use mod_setenv to clear the request header:
  setenv.set-request-header = ( "Forwarded" => "" )

Other proxy-related headers which admin might evaluate to keep or clear:
  setenv.set-request-header = ( "X-Forwarded-For" => "",
                                "X-Forwarded-By" => "",
                                "X-Forwarded-Server" => "",
                                "X-Origin-IP" => "",
                                "Via" => "",
                                #...
                              )

x-ref:
  "Forwarded HTTP Extension"
  https://tools.ietf.org/html/rfc7239
  "Forward authenticated user to proxied requests"
  https://redmine.lighttpd.net/issues/2703
 		2017-04-06 00:22:41 -04:00
..
docroot [tests] remove unused file depending on CGI.pm 2017-01-31 14:36:16 -05:00
404-handler.conf [core] server.error-handler new directive for error pages (fixes #2702) 2016-04-25 01:01:08 -04:00
CMakeLists.txt [mod_scgi] tests/mod-scgi.t unit tests 2017-01-31 14:36:15 -05:00
LightyTest.pm [tests] reduce time waiting for backends to start 2017-03-19 23:48:50 -04:00
Makefile.am [mod_scgi] tests/mod-scgi.t unit tests 2017-01-31 14:36:15 -05:00
SConscript [mod_scgi] tests/mod-scgi.t unit tests 2017-01-31 14:36:15 -05:00
bug-06.conf comment out auth.backend.ldap.* in tests/*.conf 2016-12-03 03:56:41 -05:00
bug-12.conf comment out auth.backend.ldap.* in tests/*.conf 2016-12-03 03:56:41 -05:00
cachable.t parse If-None-Match for ETag validation (fixes #2578) 2015-07-05 16:59:01 +00:00
cleanup.sh [scons] various improvements 2015-08-29 09:28:04 +00:00
condition.conf [core] never evaluate else branches until the previous branches are aready (fixes #2598) 2016-02-21 17:56:24 +00:00
core-404-handler.t [core] server.error-handler new directive for error pages (fixes #2702) 2016-04-25 01:01:08 -04:00
core-condition.t [core] never evaluate else branches until the previous branches are aready (fixes #2598) 2016-02-21 17:56:24 +00:00
core-keepalive.t - change s/// separator that it doesn't confuse vim 2008-01-15 22:03:59 +00:00
core-request.t fix SQL injection / host name validation (thx Jann Horn) 2014-03-12 12:03:55 +00:00
core-response.t [core] encode path with ENCODING_REL_URI in redirect to directory (fixes #2661, thx gstrauss) 2015-11-07 15:00:18 +00:00
core-var-include.t - change s/// separator that it doesn't confuse vim 2008-01-15 22:03:59 +00:00
core.t - change s/// separator that it doesn't confuse vim 2008-01-15 22:03:59 +00:00
fastcgi-10.conf comment out auth.backend.ldap.* in tests/*.conf 2016-12-03 03:56:41 -05:00
fastcgi-13.conf comment out auth.backend.ldap.* in tests/*.conf 2016-12-03 03:56:41 -05:00
fastcgi-auth.conf comment out auth.backend.ldap.* in tests/*.conf 2016-12-03 03:56:41 -05:00
fastcgi-responder.conf comment out auth.backend.ldap.* in tests/*.conf 2016-12-03 03:56:41 -05:00
fcgi-auth.c [tests] test coverage for issues (#321, #322) 2016-09-19 20:02:02 -04:00
fcgi-responder.c [tests] FCGI_Finish() final request before exit 2017-01-10 18:16:35 -05:00
lighttpd.conf [mod_cgi] cgi.local-redir = [enable|disable] (#2108, #2793) 2017-02-26 18:03:10 -05:00
lighttpd.htpasswd [mod_auth] skip blank lines and comment lines (fixes #2327) 2016-04-28 13:13:43 -04:00
lighttpd.user moved everything below trunk/ and added branches/ and tags/ 2005-02-20 14:27:00 +00:00
lowercase.conf load mod_auth & mod_authn_file in sample/test.conf 2016-11-29 22:32:28 -05:00
lowercase.t - change s/// separator that it doesn't confuse vim 2008-01-15 22:03:59 +00:00
mod-access.t [mod_access] new directive url.access-allow (fixes #1421) 2016-07-13 04:12:08 -04:00
mod-auth.t [mod_auth] structured data, register auth schemes 2016-09-22 19:54:57 -04:00
mod-cgi.t [core] consolidate dynamic handler response parse 2017-03-19 23:48:50 -04:00
mod-compress.conf [tests] search for perl in PATH instead of /usr/bin; whitespace + test config cleanups 2015-08-22 20:51:08 +00:00
mod-compress.t mod_compress: match partial+full content-type (fixes #1552) 2009-10-11 19:27:55 +00:00
mod-evhost.conf [mod_evhost] mod-evhost.t tests (#1194) 2016-10-20 14:22:46 -04:00
mod-evhost.t [mod_evhost] fix an incorrect error trace 2016-12-19 02:50:46 -05:00
mod-extforward.conf [mod_extforward] support Forwarded HTTP Extension (#2703) 2017-04-06 00:22:41 -04:00
mod-extforward.t [mod_extforward] support Forwarded HTTP Extension (#2703) 2017-04-06 00:22:41 -04:00
mod-fastcgi.t [tests] reduce time waiting for backends to start 2017-03-19 23:48:50 -04:00
mod-proxy.t [tests] search for perl in PATH instead of /usr/bin; whitespace + test config cleanups 2015-08-22 20:51:08 +00:00
mod-redirect.t - change s/// separator that it doesn't confuse vim 2008-01-15 22:03:59 +00:00
mod-rewrite.t [tests] search for perl in PATH instead of /usr/bin; whitespace + test config cleanups 2015-08-22 20:51:08 +00:00
mod-scgi.t [tests] reduce time waiting for backends to start 2017-03-19 23:48:50 -04:00
mod-secdownload.t [mod_secdownload] new directives modify hash path (fixes #646, fixes #1904) 2017-01-31 14:36:15 -05:00
mod-setenv.t [mod_setenv] directives to overwrite/remove hdrs (fixes #650, fixes #2295) 2017-01-31 14:36:15 -05:00
mod-simplevhost.conf [tests] search for perl in PATH instead of /usr/bin; whitespace + test config cleanups 2015-08-22 20:51:08 +00:00
mod-simplevhost.t [tests] add mod_simplevhost tests 2013-08-30 13:15:01 +00:00
mod-ssi.t [mod_ssi] more flexible quoting (fixes #1768) 2016-05-14 05:50:37 -04:00
mod-userdir.t [mod_user] add test cases to check handling of encoded ~ as %7E (#2124) 2013-06-29 10:07:45 +00:00
prepare.sh [mod_evhost] mod-evhost.t tests (#1194) 2016-10-20 14:22:46 -04:00
proxy.conf comment out auth.backend.ldap.* in tests/*.conf 2016-12-03 03:56:41 -05:00
request.t [core] support Expect: 100-continue with HTTP/1.1 (fixes #377, #1017, #1953, #2438) 2017-01-31 14:36:15 -05:00
run-tests.pl Fix request parser to handle packets with splitted \r\n\r\n (fixes #2105) 2009-11-29 14:13:13 +00:00
scgi-responder.c [mod_scgi] tests/mod-scgi.t unit tests 2017-01-31 14:36:15 -05:00
scgi-responder.conf [mod_scgi] tests/mod-scgi.t unit tests 2017-01-31 14:36:15 -05:00
symlink.t mark testcase executable 2008-05-22 06:25:54 +00:00
var-include-sub.conf [tests] search for perl in PATH instead of /usr/bin; whitespace + test config cleanups 2015-08-22 20:51:08 +00:00
var-include.conf [tests] search for perl in PATH instead of /usr/bin; whitespace + test config cleanups 2015-08-22 20:51:08 +00:00
wrapper.sh Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file 2011-08-30 22:13:59 +00:00