Hi Ionel, On Fri, Dec 08, 2023 at 10:35:52PM +0100, Ionel GARDAIS wrote: > Thanks Tristan. > > So typically I'd say to add to every single http frontend: > http-request set-header X-Forwarded-For %[src] > http-request set-header X-Forwarded-Host %[hdr(Host)] > http-request set-header X-Forwarded-Proto %[ssl_fc,iif(https,http)] > http-request set-header Forwarded > "by=${HOSTNAME};for=%[src];host=%[hdr(Host)];proto=%[ssl_fc,iif(https,http)]" > > Almost what I already did :) > What about using %[hdr(host,1)] to forcefully use the first Host header if > multiple headers are sent ?
This one is already deduplicated and checked against authority at the lower layers, no worries. Regards, Willy