httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <>
Subject Re: Adopting mod_remoteip to modules/metadata/ ?
Date Wed, 01 Apr 2009 15:16:47 GMT
Graham Leggett wrote:

> (Having not yet had a chance to look at the code) How is the possibility 
> of multiple IPs in the same header handled, eg:
> X-Fowarded-For:,

I think you'll find your question is answered in the README I referenced.
It's handled fine.  The interesting point is that, presuming that the
nearest remote_host and both have 'Internal' trust, meaning
they are know to our network, while and are given
TrustedProxy status, we would still refuse to acknowledge another networks
private subnet.  Therefore;


results in a remote_host, and the header value is updated to
reflect that this host still makes an X-Forwarded-For assertion, e.g.

Will we someday introduce a feature to treat this as a decorated remote
host name of something like "" - I'd suggest we could
but that feature could break any number of thirdparty modules attempting
to resolve this address.

View raw message