HTTP_X_FORWARDED_FOR being truncated/prefixed with a comma and no IP for some requests
Maxim Dounin
mdounin at mdounin.ru
Thu Sep 19 10:36:23 UTC 2013
Hello!
On Wed, Sep 18, 2013 at 07:50:13PM -0400, scianos wrote:
> Hi -
>
> I have confirmed an unusual situation in which it appears the leading
> address is being stripped from x-forwarded-for headers passed on to
> downstream hosts (running Apache in this case) on very specific requests. I
> haven't been able to determine a pattern that triggers the event.
>
> Has anyone else experienced this issue/seen anything similar? I've been
> managing nginx-based services for some time and this is the first event in
> which I've seen this behavior; I am at a loss.
>
> Kind regards,
> Stu
>
> Technical info:
> Example:
> HTTP_X_FORWARDED_FOR=, 10.2.8.141 SERVER_ADDR=10.5.7.112
> REMOTE_ADDR=10.4.7.114
> - note the leading "," on the x_forwarded_for header and the missing leading
> IP.
This can easily happen if an original request contains an empty
X-Forwarded-For header. See no problem here.
--
Maxim Dounin
http://nginx.org/en/donation.html
More information about the nginx
mailing list