X-Forwarded-For在关湾 [英] X-Forwarded-For in Gwan
问题描述
我已经阅读了文档(包括API和手册),并且似乎没有发现gwan对 X-Forwarded-For 标题的任何支持。我发现的唯一可能是相关的是 REMOTE_BIN_ADDR 。
我知道要获取客户端IP,您可以使用 REMOTE_ADDR ,但我的gwan服务器位于HA代理负载平衡器,它通过 X-Forwarded-For 转发客户IP。
Gwan不支持这个头文件吗?据我们所知,尽管广泛使用,但是 X-Forwarded-For c> HTTP标头不是RFC的一部分。一些服务器,比如Nginx,正在使用替代品,因为代理服务器可以链接客户端IP地址,导致不可靠的结果。
X-Forwarded-For 值的HTTP头信息不可信 ...除非您自己的代理正在清除以前的任何设置值并添加它自己的。这使得 X-Forwarded-For 标题乍看起来没有预期的有用 - 并且肯定有助于解释为什么Nginx觉得需要创建它自己的。 G-WAN最初支持这个头,但我们删除了这个条目,因为我们认为它与本地G-WAN反向代理和负载均衡器是冗余的(最后一个实现的功能年,但仍然没有记录,因为以精美的方式记录和导出接口需要时间 - 我们希望将此功能与协议处理程序合并,以简化操作。)
请注意,现在,您可以从处理程序或从 servlets 中轻松解析G-WAN公开的HTTP标头, code>。
I have read through the documentation (both API and Manual), and haven't seem to find any support by gwan for the X-Forwarded-For header. The only thing I have found that could be related was REMOTE_BIN_ADDR.
I know to get a client IP you can use REMOTE_ADDR however my gwan servers are behind a HA Proxy load balancer, which forwards the client IP via X-Forwarded-For.
Does Gwan not support this header?
As far as we know, while widely used, the X-Forwarded-For HTTP header is not part of the RFCs. Some servers, like Nginx, are using alternatives because proxy servers can "chain" the client IP address, leading to unreliable results.
On a side note, keep in mind that HTTP headers providing an X-Forwarded-For value cannot be trusted... unless your own proxy is cleaning-up any previously setup value and adding its own. This makes this X-Forwarded-For header less useful than expected at first glance - and surely contributes to explain why Nginx felt the need to create its own.
G-WAN initially supported this header but we have removed this entry because we believe that it is redundant with the native G-WAN reverse-proxy and load-balancer (a feature that was implemented last year but which is still not documented as documenting and exporting the interfaces in a polished way takes time - and we want to merge this feature with protocol handlers, to simplify things).
Note that, right now, you can easily parse it from the HTTP headers exposed by G-WAN, either from a handler or from servlets.
这篇关于X-Forwarded-For在关湾的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
