I have read previous discussions (most recent I could find was Dec 2013 [1] ) on the inclusion of `HTTP_X_FORWARDED_FOR` based logic to get the "real" IP address of an HttpRequest. From what I can see, currently there is currently no automatic handling of `HTTP_X_FORWARDED_FOR` in Django.
However, I do notice that Django acknowledges `X_FORWARDED_HOST`, `X_FORWARDED_PORT` and (indirectly) `X_FORWARDED_PROTO` (though SECURE_PROXY_SSL_HEADER). If there is still opposition to having some built-in handling for `HTTP_X_FORWARDED_FOR`, I think that the deployment guide [1] should at least mention the need for the developer to handle this explicitly. Regards, Arthur P. ---- [1] https://groups.google.com/g/django-developers/c/J5O28jB5D3Q/m/KLLgllFS7v0J [2] https://docs.djangoproject.com/en/4.1/howto/deployment/ -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/96d735ee-4ac0-4bf4-9850-a49f287e6e2an%40googlegroups.com.
