Hi, Nick, if you recall my initial paragraph, I'm here to address the configuration of httpd acting as a generic HTTP proxy which is able to handle both a standard (forward proxy mode) and transparent (reverse proxy mode) proxy requests. This is the same what other proxy servers (like Squid) do.
For this to achieve I use 'ProxyRequests On' together with couple of mod_rewrite rules with [P] flag (but not ProxyPass rules since every remote host needs to be proxied). The problem is that with current mod_proxy_http outgoing http request is dependant on how the original request was made to httpd. If original request was in "forward" fashion, no X-Forwarded-* headers are added to the outgoing request. Otherwise, for reverse proxy requests "Privacy Note" comes into play and additional X-Forwarded-* headers become visible (i.e. added by httpd) for remote hosts. The intention was not to distinguish the way on how the original request was made and stay consistent (that is, always add some headers or never) when forwarding the request to a remote host. I hope now the problem should be more clear. On 4/4/07, Nick Kew <[EMAIL PROTECTED]> wrote:
On Wed, 4 Apr 2007 12:08:15 +0300 "Dziugas Baltrunas" <[EMAIL PROTECTED]> wrote: > Hi, > > any commens/objections on this patch? Hmmm ... not sure I understand the problem you're fixing. > > > Currently mod_proxy_http adds X-Forwarded-* headers > > > unconditionally when we have a reverse proxy request and never > > > for forward proxy requests. I'm guessing this is the crux of your point. In the source code is a comment headed "Privacy Note", comprising three paragraphs explaining this behaviour. Perhaps it would be useful if you could address that comment directly. Also useful would be if you could explain what information you want is actually being lost in a forward proxy (if indeed that is your underlying problem)? -- Nick Kew Application Development with Apache - the Apache Modules Book http://www.apachetutor.org/
-- Dziugas Baltrunas http://dziugas.baltrunas.lt/
