On 02/08/2017 01:00 AM, Reindl Harald wrote:
>
>
> Am 08.02.2017 um 00:44 schrieb Yann Ylavic:
>> On Wed, Feb 8, 2017 at 12:25 AM, Yann Ylavic
>> wrote:
>>> On Wed, Feb 8, 2017 at 12:01 AM, Reindl Harald
>>> wrote:
how can you trust as a
On 8 February 2017 at 01:44, Yann Ylavic wrote:
> Actually, I'm not really opposed to set HTTPS=on (according to
> mod_remoteip) in the environment *given to the script/CGI* only, if
> that's the trigger for it to do the desired thing, this won't be used
> by httpd
Am 08.02.2017 um 00:44 schrieb Yann Ylavic:
On Wed, Feb 8, 2017 at 12:25 AM, Yann Ylavic wrote:
On Wed, Feb 8, 2017 at 12:01 AM, Reindl Harald wrote:
how can you trust as a php application developer that "X-Forwarded-Proto" is
trustable and
On Wed, Feb 8, 2017 at 12:25 AM, Yann Ylavic wrote:
> On Wed, Feb 8, 2017 at 12:01 AM, Reindl Harald wrote:
>>
>> how can you trust as a php application developer that "X-Forwarded-Proto" is
>> trustable and not from the enduser client at all - for
On Wed, Feb 8, 2017 at 12:01 AM, Reindl Harald wrote:
>
> how can you trust as a php application developer that "X-Forwarded-Proto" is
> trustable and not from the enduser client at all - for REMOTE_ADDR you don't
> consider "X-Forwarded-For" exactly for that reason
I'm
Am 07.02.2017 um 23:50 schrieb Yann Ylavic:
On Tue, Feb 7, 2017 at 11:34 PM, Reindl Harald wrote:
Am 07.02.2017 um 22:53 schrieb Yann Ylavic:
I mean the application can know about "X-Forwarded-Proto or whatever"
header, it could act with it like it does with
On Tue, Feb 7, 2017 at 11:34 PM, Reindl Harald wrote:
>
> Am 07.02.2017 um 22:53 schrieb Yann Ylavic:
>>
>> I mean the application can know about "X-Forwarded-Proto or whatever"
>> header, it could act with it like it does with HTTPS=on (if it
>> wishes)
>
> for that you
Am 07.02.2017 um 22:53 schrieb Yann Ylavic:
On Tue, Feb 7, 2017 at 10:14 PM, Jordan Gigov wrote:
On 7 February 2017 at 22:33, Yann Ylavic wrote:
I'm a bit reluctant with these patches, and probably need to be
convinced this isn't an application
Am 07.02.2017 um 21:33 schrieb Yann Ylavic:
My point is that we are not changing/masquarading something which is
remote here (like the client IP address), we are making so that the
applications and httpd itself think they are locally talking SSL/TLS.
Thus they will send things like "; Secure"
On Tue, Feb 7, 2017 at 10:14 PM, Jordan Gigov wrote:
> On 7 February 2017 at 22:33, Yann Ylavic wrote:
>> I'm a bit reluctant with these patches, and probably need to be
>> convinced this isn't an application issue in the first place (why not
>> use
On 7 February 2017 at 22:33, Yann Ylavic wrote:
> I'm a bit reluctant with these patches, and probably need to be
> convinced this isn't an application issue in the first place (why not
> use X-Forwarded-Proto or alike to achieve the same? i.e. generate
> https links...), or
On Tue, Feb 7, 2017 at 7:03 PM, Jordan Gigov wrote:
> On 7 February 2017 at 18:08, Sander Hoentjen wrote:
>>
>> I am trying to have haproxy added in front of our Apache servers, for
>> SSL termination. This is not hard to do, and especially with the recent
On 7 February 2017 at 18:08, Sander Hoentjen wrote:
> Hi guys,
>
> I am trying to have haproxy added in front of our Apache servers, for
> SSL termination. This is not hard to do, and especially with the recent
> addition of ProxyProtocol support to mod_remoteip it works
13 matches
Mail list logo