https://issues.apache.org/bugzilla/show_bug.cgi?id=55553
Mark Thomas <ma...@apache.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Resolution|--- |WONTFIX --- Comment #3 from Mark Thomas <ma...@apache.org> --- Then the solution is to configure two http connectors on separate ports: one for direct http traffic and one for http traffic that has been processed by the transparent proxy. If you want the http and https requests to share a common thread pool then an executor can be configured. The proposed patch would result in the the valve processing headers when no trusted proxy had been configured and I am concerned that some users may be caught out by this and end up with an insecure configuration - even if this behavior is documented. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org