Hi Ionel,
On Fri, Dec 08, 2023 at 10:35:52PM +0100, Ionel GARDAIS wrote:
> Thanks Tristan.
>
> So typically I'd say to add to every single http frontend:
> http-request set-header X-Forwarded-For %[src]
> http-request set-header X-Forwarded-Host %[hdr(Host)]
> http-request set-header X-Forwarded-Proto %[ssl_fc,iif(https,http)]
> http-request set-header Forwarded
> "by=${HOSTNAME};for=%[src];host=%[hdr(Host)];proto=%[ssl_fc,iif(https,http)]"
>
> Almost what I already did :)
> What about using %[hdr(host,1)] to forcefully use the first Host header if
> multiple headers are sent ?
This one is already deduplicated and checked against authority at the
lower layers, no worries.
Regards,
Willy
