Ian wrote: > I think we had philosophical differences about whether to read the > headers in attributes, or rewrite the environment, and I was on the rewrite > side. And... wasn't it X-Forwarded-Server?
Sorry, didn't mean to pick on you, Ian ;) I'm all for rewriting the environ. If I remember right, my version of the code required no configuration, but could not handle being "mounted" in a subdirectory whereas the existing code was the opposite. Either way, I wish it were fixed by default. This bug has chased me through two companies ;) I'd be happy even it Routes automatically respected X_FORWARDED_FOR or something. Jonathan wrote: > The middleware I use under modperl works like this: > > Port 80 proxy- > Sets X-Forwarded-For to REMOTE_ADDR > Sets X-Forwarded-For-Lan to LAN_SECRET > Sets REMOTE_ADDR to the lan id / 127.0.0.1 > > ModPerl 'middleware' > Requires X-Forwarded-For headers to have: > REMOTE_ADDR of specifc lan ips > X-Forwarded-For-Lan with correct lan secret > If those qualifications are met, then the X-Forwarded-For becomes > REMOTE_ADDR. If they do not, the request is rejected. Clever ;) By the way, I'm confused. What *is* the standard answer to this question for Pylons? -jj --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
