On 10/20/06, Ian Bicking <[EMAIL PROTECTED]> wrote: > Shannon -jj Behrens wrote: > > On 10/20/06, Ian Bicking <[EMAIL PROTECTED]> wrote: > >> Shannon -jj Behrens wrote: > >> > Hi, > >> > > >> > I'm putting a Pylons application behind Apache by proxying it. That > >> > means that when I call paste.request.construct_url, it returns a URL > >> > for localhost. I think it's a useful and harmless feature to have > >> > Paste automatically respect HTTP_X_FORWARDED_SERVER if present. I did > >> > this in Aquarium, and no user ever complained about it. Rather, it's > >> > nice to have the application "just work" even if it's behind a proxy. > >> > > >> > Ian, if you're interested, I'll submit a patch. > >> > >> Hmm... not sure. I can't really see a security problem if a client > >> submits a bad X-Forwarded-Server header. OTOH, if PrefixMiddleware did > >> this translation (HTTP_X_FORWARDED_SERVER -> HTTP_HOST) by default that > >> would clean it up early. I know I have lots of code that expects > >> HTTP_HOST, and I'd rather normalize the environment than deal with the > >> exceptions everywhere. > > I added this to paste.deploy.config.PrefixMiddleware (I'm not sure why > that middleware is in that module...). Anyway, by default that > middleware will now translate the X-Forwarded-Server header to Host.
Awesome! Now, please forgive me for being a newbie, but I don't see PrefixMiddleware in my middleware configuration. Does that mean I need to add it explicitly to all of my applications? Thanks, -jj -- The one who gets the last laugh isn't the one who did the laughing, but rather the one who did the writing. _______________________________________________ Paste-users mailing list [email protected] http://webwareforpython.org/cgi-bin/mailman/listinfo/paste-users
