On Friday, October 30, 2015 at 11:27:33 AM UTC-4, Randall Leeds wrote: > > It looks like you'll need to check this setting: > http://docs.gunicorn.org/en/19.3/settings.html#forwarded-allow-ips > > Trusting the X-Forwarded headers from the open internet is not safe, so > gunicorn normally only does so from localhost connections. In your case, > the connections to gunicorn will be coming from the docker gateway IP. >
That's a good catch. I use `uwsgi` and it's pretty standard on all configs to manually set the `x-forwarded-` headers, so that's the one config they don't have (or do they? there are 300+) Using the Paste.deploy proxy-prefix middleware is the source of many solutions in this area though. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To post to this group, send email to pylons-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/pylons-discuss. For more options, visit https://groups.google.com/d/optout.
