diff options
author | Francis Lavoie <lavofr@gmail.com> | 2023-03-27 16:22:59 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-03-27 20:22:59 +0000 |
commit | 05e9974570a08df14b1162a1e98315d4ee9ec2ee (patch) | |
tree | e11e345766dc53c25f901a7402ceb489b4416fe9 /modules/caddyhttp/app.go | |
parent | 330be2d8c793147d3914f944eecb96c18f2eabff (diff) |
caddyhttp: Determine real client IP if trusted proxies configured (#5104)
* caddyhttp: Determine real client IP if trusted proxies configured
* Support customizing client IP header
* Implement client_ip matcher, deprecate remote_ip's forwarded option
Diffstat (limited to 'modules/caddyhttp/app.go')
-rw-r--r-- | modules/caddyhttp/app.go | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/modules/caddyhttp/app.go b/modules/caddyhttp/app.go index 670185a..ceb62f4 100644 --- a/modules/caddyhttp/app.go +++ b/modules/caddyhttp/app.go @@ -232,6 +232,11 @@ func (app *App) Provision(ctx caddy.Context) error { srv.trustedProxies = val.(IPRangeSource) } + // set the default client IP header to read from + if srv.ClientIPHeaders == nil { + srv.ClientIPHeaders = []string{"X-Forwarded-For"} + } + // process each listener address for i := range srv.Listen { lnOut, err := repl.ReplaceOrErr(srv.Listen[i], true, true) |