[Varnish] #203: X-Forwarded-For handling
Varnish
varnish-bugs at projects.linpro.no
Thu Feb 14 10:19:48 CET 2008
#203: X-Forwarded-For handling
-------------------------+--------------------------------------------------
Reporter: des | Owner: phk
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: varnishd | Version: trunk
Severity: normal | Resolution:
Keywords: |
-------------------------+--------------------------------------------------
Comment (by phk):
I don't think I have ever found any definitive documentation of how X
-Forwaded-For is supposed to work, as indicated by the X- it may not
exist.
The X-Forwarded-For is added in the filtering step, so it can be removed
in either of vcl_miss, vcl_pass or vcl_pipe if you do not want to send it
to the backend (and this should be documented)
With respect to editing kontra appending, I am not sure if we append an
extra or overwrite the existing X-Forwarded-For header, the last would be
a bug I think. (We have issues in this
area in general.)
I'm not particular religious about appending with a comma or adding a new
line, lacking a standard we should do what is most robust with web-
servers.
Where you write "post mode" above, you mean "pipe" mode.
We know that the first transaction on a piped connection is a HTTP,
because otherwise we would never get that far in the first place.
Inserting, as we do, X-Forwarded-For is perfectly sensible, and I would
say, required, since we otherwise would deprive the backend of a chance to
log things correctly. What happens on the connection after we send the
HTTP request to the backend is out of our hands.
Ideally pass should be able to handle all HTTP transactions, also Expect
etc, but there may be no cost-benefit from doing all that work.
--
Ticket URL: <http://varnish.projects.linpro.no/ticket/203#comment:2>
Varnish <http://varnish.projects.linpro.no/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list