X-Forwarded-For: 1.2.3.4
X-Forwarded-For: 87.218.216.202
I believe that's legal, and is equivalent to:
X-Forwarded-For: 1.2.3.4, 87.218.216.202
Possibly the IPs in my example are reversed - I'm not sure. The point
I'm making is that if you require only a single IP to be in your
X-Forwarded-For header, you should use HeadRemove as you mentioned.
The multiple-IP version is legal / arguably desirable in the case of
multiple intermediate proxies. Think ISP-level web accelerator in front
of an end-user.
Regards,
--
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
