VictoriaMetrics

mirror of https://github.com/VictoriaMetrics/VictoriaMetrics.git synced 2024-12-04 16:51:11 +01:00

History

Nikolay 9c35807368 app/vmauth: add removeXFFHTTPHeaderValue flag Previously, there was no option to replace value of `X-Forwarded-For` HTTP Header. It was only possible to completely remove it. It's not good solution, since backend may require this information. But using direct value of this header is insecure. And requires complex knowledge of infrastruce at backend side (see spoofing X-Forwarded-For articles). This commit adds new flag, that replaces content of `X-Forwarded-For` HTTP Header value with current `RemoteAddress` of client that send request. It should be used if `vmauth` is directly attached to the internet. Related issue: https://github.com/VictoriaMetrics/VictoriaMetrics/issues/6883 --------- Signed-off-by: f41gh7 <nik@victoriametrics.com>		2024-11-29 10:25:47 +01:00
..
_index.md	docs: move changelog to dir (#6853 )	2024-08-21 17:26:54 +02:00
CHANGELOG_2020.md	docs: spelling fixes (#7420 )	2024-11-05 16:44:23 +01:00
CHANGELOG_2021.md	docs: spelling fixes (#7420 )	2024-11-05 16:44:23 +01:00
CHANGELOG_2022.md	docs: spelling fixes (#7420 )	2024-11-05 16:44:23 +01:00
CHANGELOG_2023.md	docs: spelling fixes (#7420 )	2024-11-05 16:44:23 +01:00
CHANGELOG.md	app/vmauth: add removeXFFHTTPHeaderValue flag	2024-11-29 10:25:47 +01:00