cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists
You are here: Foswiki>Tasks Web>Item14380 (13 Jun 2018, GeorgeClark)Edit Attach

Item14380: Foswiki should have option to use X-Forwarded-For to determine Client IP in reverse proxy configuration.

pencil
Priority: Enhancement
Current State: Waiting for Release
Released In: 2.2.0
Target Release: minor
Applies To: Engine
Component: FoswikiEngine
Branches: master Item14288 Item14380 Item14537
Reported By: GeorgeClark
Waiting For:
Last Change By: GeorgeClark
In proxy configurations, the Foswiki events log will only contain the proxy server's IP address, anonymizing the clients.

The X-Forwarded-For header will often contain the real client IP in a proxy configuration.

See Wikipedia:X-Forwarded-For

-- GeorgeClark - 19 Apr 2017

Implemented as a new Proxies option: {PROXY}{UseForwardedForHeader}

-- Main.GeorgeClark - 14 May 2017 - 18:26

See also Item14544

-- GeorgeClark - 27 Nov 2017

Re-opening this to work on for 2.1.5. Since the code already processes the Forwarding headers - incorrectly - this really is a bugfix. It needs to support: X-Forwarded-For, X-Forwarded-Host, X-Forwarded-Port and X-Forwarded-Proto which may be present.

-- GeorgeClark - 27 Nov 2017
 
Topic revision: r18 - 13 Jun 2018, GeorgeClark - This page was cached on 19 Jul 2018 - 10:01.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy