From c50094fc9d34099efd705700e6d2efa2fa065412 Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Sun, 6 Mar 2022 18:51:55 -0500 Subject: reverseproxy: Implement trusted proxies for `X-Forwarded-*` headers (#4507) --- .../reverse_proxy_trusted_proxies.txt | 56 ++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 caddytest/integration/caddyfile_adapt/reverse_proxy_trusted_proxies.txt (limited to 'caddytest/integration/caddyfile_adapt') diff --git a/caddytest/integration/caddyfile_adapt/reverse_proxy_trusted_proxies.txt b/caddytest/integration/caddyfile_adapt/reverse_proxy_trusted_proxies.txt new file mode 100644 index 0000000..5e11284 --- /dev/null +++ b/caddytest/integration/caddyfile_adapt/reverse_proxy_trusted_proxies.txt @@ -0,0 +1,56 @@ +:8884 + +reverse_proxy 127.0.0.1:65535 { + trusted_proxies 127.0.0.1 +} + +reverse_proxy 127.0.0.1:65535 { + trusted_proxies private_ranges +} +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":8884" + ], + "routes": [ + { + "handle": [ + { + "handler": "reverse_proxy", + "trusted_proxies": [ + "127.0.0.1" + ], + "upstreams": [ + { + "dial": "127.0.0.1:65535" + } + ] + }, + { + "handler": "reverse_proxy", + "trusted_proxies": [ + "192.168.0.0/16", + "172.16.0.0/12", + "10.0.0.0/8", + "127.0.0.1/8", + "fd00::/8", + "::1" + ], + "upstreams": [ + { + "dial": "127.0.0.1:65535" + } + ] + } + ] + } + ] + } + } + } + } +} -- cgit v1.2.3