[Varnish] #203: X-Forwarded-For handling
Varnish
varnish-bugs at projects.linpro.no
Wed Feb 13 16:56:17 CET 2008
#203: X-Forwarded-For handling
----------------------+-----------------------------------------------------
Reporter: des | Owner: phk
Type: defect | Status: new
Priority: normal | Milestone:
Component: varnishd | Version: trunk
Severity: normal | Keywords:
----------------------+-----------------------------------------------------
Varnish always adds an {{{X-Forwarded-For}}} header when talking to the
backend. There are at least two problems with this:
* {{{X-Forwarded-For}}} should probably be omitted for a normal non-pass,
non-pipe request.
* in pass mode, if {{{X-Forwarded-For}}} is already present, the client's
IP address should be appended to it, separated from the pre-existing value
by a comma.
* post mode is trickier. Assuming the request ''is'' an HTTP request, it
is of course possible to add / modify {{{X-Forwarded-For}}} before
entering post mode, but it won't be possible to modify subsequent requests
on the same connection. This can be mitigated by also adding
{{{Connection: close}}} to the request.
All of this can (and probably should) be implemented entirely in VCL.
--
Ticket URL: <http://varnish.projects.linpro.no/ticket/203>
Varnish <http://varnish.projects.linpro.no/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list