On Mon, 09 Dec 2013 11:10:46 -0800 Mike Rumph <[email protected]> wrote:
> As you can see from the bug report, I have been looking into this.
> It might also be important to consider the related bug 55637:
> - https://issues.apache.org/bugzilla/show_bug.cgi?id=55637

Closed invalid. The incorrect assumptions are very similar to but distinct from the 55635 case.

In this case, let's use a car's title as its internal proxy document and the car's ignition keys as the trusted proxy document. Although you might trust one with your car keys, they can go ahead and share those keys with yet another party. We would not want to design the remoteip logic to then let that individual hand another party the title to the vehicle :)

Once the InternalProxy list is exhausted and we have begun processing the TrustedProxy list, we can never again assign the next apparent proxy to be an InternalProxy. That would be a claim by an external party whom we can't assign that much trust to.

> The setups so far have not included a RemoteIPProxiesHeader.
> But if it is included, the mod_remote documentation seems to indicate
> that the value should be different from the RemoteIPHeader.
> - http://httpd.apache.org/docs/trunk/mod/mod_remoteip.html#remoteipproxiesheader
>
> RemoteIPHeader X-Forwarded-For
> RemoteIPProxiesHeader X-Forwarded-By

You are correct.

> From my analysis so far it appears that mod_remoteip is behaving as
> documented. But the documentation is a little difficult to understand.

Correct, and I'm not sure how it can be improved. Feel free to quote, rephrase or build upon my responses to the bug tickets.
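The trust walk described in the reply above (internal proxies may hand on either kind of trust, trusted proxies may only hand on trusted-proxy status, and the internal list is never consulted again once a trusted hop has been passed) is easy to misread from the documentation alone. The following is an added model of that rule, written for this page; it is not mod_remoteip's own code and does not reproduce every detail of the module. The proxy ranges, peer addresses and X-Forwarded-For values are constructed for illustration.

```python
import ipaddress

# Constructed configuration standing in for the directives discussed in the
# thread: RemoteIPInternalProxy and RemoteIPTrustedProxy ranges, used with
# "RemoteIPHeader X-Forwarded-For" and "RemoteIPProxiesHeader X-Forwarded-By".
INTERNAL_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]
TRUSTED_PROXIES = [ipaddress.ip_network("203.0.113.0/24")]


def _in_any(addr, networks):
    return any(addr in net for net in networks)


def resolve_client(peer_ip, xff_value, internal=INTERNAL_PROXIES, trusted=TRUSTED_PROXIES):
    """Model of the trust walk described in the thread (not mod_remoteip's code).

    Starting from the TCP peer, consume X-Forwarded-For entries right to left.
    A hop may vouch for the next entry only if the hop itself is a known proxy.
    An internal hop ("the title") may hand the next entry either kind of trust;
    a trusted hop ("the car keys") may only hand on trusted-proxy status, so
    once the walk has passed through a trusted proxy the internal list is never
    consulted again.  The first entry nobody vouches for is the client.

    Returns (client_ip, remaining_xff_entries, proxies_walked); the walked
    proxies are what would end up in the RemoteIPProxiesHeader.
    """
    current = ipaddress.ip_address(peer_ip)
    hops = [h.strip() for h in xff_value.split(",") if h.strip()] if xff_value else []
    walked = []
    internal_allowed = True  # cleared permanently after the first trusted hop

    while True:
        if internal_allowed and _in_any(current, internal):
            pass                      # still inside the internal chain
        elif _in_any(current, trusted):
            internal_allowed = False  # from here on only TrustedProxy matches count
        else:
            break                     # nobody vouches for this address: it is the client
        if not hops:
            break                     # header exhausted: the proxy itself is the client
        candidate = hops[-1]
        try:
            nxt = ipaddress.ip_address(candidate)
        except ValueError:
            break                     # unparseable entry: stop at the last good hop
        hops.pop()
        walked.append(str(current))
        current = nxt
    return str(current), hops, walked


if __name__ == "__main__":
    # The situation the reply warns about: a trusted (external) proxy is the
    # peer and the header names an internal-looking address as the next hop.
    # That address must not be granted internal trust, so it becomes the client.
    print(resolve_client("203.0.113.9", "198.51.100.7, 10.0.0.5"))
```

The second constructed case in `__main__` is the one the title-versus-keys analogy addresses: because the peer is only a trusted proxy, the `10.0.0.5` entry it forwards is not looked up in the internal list, the walk stops there, and `198.51.100.7` stays in the header as an unverified claim rather than being promoted to the client address.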
