mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-12-01 14:47:38 +00:00
f4c597da88
Previously, there was no option to replace value of `X-Forwarded-For` HTTP Header. It was only possible to completely remove it. It's not good solution, since backend may require this information. But using direct value of this header is insecure. And requires complex knowledge of infrastruce at backend side (see spoofing X-Forwarded-For articles). This commit adds new flag, that replaces content of `X-Forwarded-For` HTTP Header value with current `RemoteAddress` of client that send request. It should be used if `vmauth` is directly attached to the internet. Related issue: https://github.com/VictoriaMetrics/VictoriaMetrics/issues/6883 --------- Signed-off-by: f41gh7 <nik@victoriametrics.com> |
||
|---|---|---|
| .. | ||
| deployment | ||
| multiarch | ||
| auth_config.go | ||
| auth_config_test.go | ||
| example_config.yml | ||
| example_config_ent.yml | ||
| main.go | ||
| main_test.go | ||
| Makefile | ||
| README.md | ||
| target_url.go | ||
| target_url_test.go | ||
See vmauth docs here.
vmauth docs can be edited at docs/vmauth.md.