Annotate
mod_http: Make RFC 7239 Forwarded opt-in for now to be safe
Supporting both methods at the same time may open to spoofing attacks,
whereby a client sends a Forwarded header that is not stripped by a
reverse proxy, leading Prosody to use that instead of the X-Forwarded-*
headers actually sent by the proxy.
By only supporting one at a time, it can be configured to match what the
proxy uses.
Disabled by default since implementations are sparse and X-Forwarded-*
are everywhere.
| author |
Kim Alvefur <zash@zash.se> |
| date |
Sat, 03 Jun 2023 21:53:20 +0200 |
| parent |
11706:56feb0cf7052 |
| child |
13191:1266efb7101c |
| rev |
line source |
|
11706
|
1 root = true
|
|
|
2
|
|
|
3 [*]
|
|
|
4 end_of_line = lf
|
|
|
5 indent_style = tab
|
|
|
6 insert_final_newline = true
|
|
|
7 trim_trailing_whitespace = true
|
|
|
8
|
|
|
9 [CHANGES]
|
|
|
10 indent_size = 4
|
|
|
11 indent_style = space
|
|
|
12
|
|
|
13 [configure]
|
|
|
14 indent_size = 3
|
|
|
15 indent_style = space
|
|
|
16
|
|
|
17 [**.xml]
|
|
|
18 indent_size = 2
|
|
|
19 indent_style = space
|
