On Wed, Apr 02, 2008 at 11:45:59AM +0100, Dagfinn Ilmari Mannsåker wrote: > Bill Moseley <[EMAIL PROTECTED]> writes: > > > On Tue, Apr 01, 2008 at 11:38:15PM -0400, Andy Grundman wrote: > >> > >> When using X-Forwarded-For you cannot trust any value that is not > >> added by your own upstream proxy, so we only want to use the last > >> value in the list. > > > > Ah, right. In this case I've got more than one proxy which > > that code doesn't expect. I can find a work-around. > > How about patching C::Engine::Apache to take a list of proxy IPs in its > config and use the last IP in the header that is not among these?
Yes, that's probably the best solution. For now I need to fix-up the proxy headers for use with Perlbal anyway, so I'll just override prepare_headers and update $c->req->address there. But speaking of patching, there's this bit of code to not include the default port: if ( $port != 80 && $host !~ /:/ ) { $host .= ":$port"; } What about the same for 443 and https? Most browsers will remove the default port, so not a huge issue. But, something like: unless ( $host =~ /:/ ) { $host .= ":$port" if ( $c->req->secure && $port != 443 ) || ( !$c->req->secure && $port != 80 ) } -- Bill Moseley [EMAIL PROTECTED] _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/