Software / code / prosody
Annotate
TODO @ 13127:f45a29b32f7a
mod_http: Make RFC 7239 Forwarded opt-in for now to be safe
Supporting both methods at the same time may open to spoofing attacks,
whereby a client sends a Forwarded header that is not stripped by a
reverse proxy, leading Prosody to use that instead of the X-Forwarded-*
headers actually sent by the proxy.
By only supporting one at a time, it can be configured to match what the
proxy uses.
Disabled by default since implementations are sparse and X-Forwarded-*
are everywhere.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 03 Jun 2023 21:53:20 +0200 |
| parent | 9803:35ef6af41600 |
| rev | line source |
|---|---|
| 5405 | 1 == 1.0 == |
|
4138
62f5e6b11571
TODO: Update for 0.9 milestones
Matthew Wild <mwild1@gmail.com>
parents:
4134
diff
changeset
|
2 - Roster providers |
|
62f5e6b11571
TODO: Update for 0.9 milestones
Matthew Wild <mwild1@gmail.com>
parents:
4134
diff
changeset
|
3 - Clustering |
| 2663 | 4 - World domination |
