diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2022-03-08 01:52:13 -0500 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2022-03-09 19:50:09 -0500 |
commit | e447de1b66bde910a013f26dad52777f877feed7 (patch) | |
tree | df8311699a9556b456c0626a13247a311d373534 /src/http_header.c | |
parent | 18c5f3eb48767d31ea27973b22a3c90536272c69 (diff) | |
download | lighttpd-git-e447de1b66bde910a013f26dad52777f877feed7.tar.gz |
[mod_proxy] adjust handling of legacy X-* headers
append to X-Forwarded-For
overwrite X-Host, X-Forwarded-Host, X-Forwarded-Proto
(with value that might be obtained from trusted downstream proxy
configured with mod_extforward)
(do not blindly pass through client-provided values, unless
mod_extforward has been configured to trust the downstream proxy)
(RFC 7239 Forwarded is a standardized header with structured format
and ought to be preferred over the legacy X-* headers, where available)
Diffstat (limited to 'src/http_header.c')
0 files changed, 0 insertions, 0 deletions