On 5/4/11 9:46 PM, Jacob Appelbaum wrote: > On 05/04/2011 12:31 PM, Joseph Lorenzo Hall wrote: >> On Wed, May 4, 2011 at 2:56 PM, katmagic <[email protected]> wrote: >>> >>> Tor2Web sends the X-Forwarded-For header which will contain the IP of >>> the client that requested your site. Actual Tor users won't (shouldn't) >>> send this header at all.
It would be possible to remove X-Forwarded-For from tor2web proxy: * At apache mod_proxy_http level with a code patch: http://blog.basteagow.com/2011/04/02/mod_proxy_http-disable-x-forwarded-headers/ Or better do it at polipo level with CensorHeader: http://www.pps.jussieu.fr/~jch/software/polipo/polipo.html#Censoring-headers -naif _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
