W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2011

Re: I-D draft-petersson-forwarded-for-00.txt

From: Willy Tarreau <w@1wt.eu>
Date: Thu, 7 Apr 2011 18:08:23 +0200
To: Karl Dubost <karld@opera.com>
Cc: Poul-Henning Kamp <phk@phk.freebsd.dk>, Andreas Petersson <andreas@sbin.se>, ietf-http-wg@w3.org
Message-ID: <20110407160823.GB6428@1wt.eu>
On Thu, Apr 07, 2011 at 08:34:10AM -0400, Karl Dubost wrote:
> 
> Le 7 avr. 2011 à 08:24, Poul-Henning Kamp a écrit :
> > In message <2962611A-EC8C-490C-BA3F-FB96D596B38D@opera.com>, Karl Dubost writes:
> > 
> >> X-Forwarded-For is used by Opera Mini servers. What about others?
> > 
> > I thought the objective here was to define a replacement for X-Forwarded-For ?
> 
> Yup. Sorry for not being clear. 
> Are there other products/companies using X-Forwarded-For?

I know quite a number of companies using it for logging purposes.

> What are the products emitting the header?

At least apache , haproxy and squid immediately come to mind.
Haproxy already emits it for IPv4 and IPv6 addresses and uses
no brackets, it emits it as returned by inet_ntop().

> What are the products parsing the header? (libraries, etc)

haproxy is able to use it for various purposes (IP-based ACL
filtering, transparent binding, etc...). Right now it only
parses it for IPv4 addresses, so adding support for both
brackets and non-brackets forms is not a problem.

> What are the usual mistakes, errors, etc we might have to face when parsing this header?

The most common one in my experience is that many people don't understand
that it is a list, and that having multiple header occurrences is equivalent
to having their values delimited by commas. Many of those users tend to log
only the first occurrence then complain they find stupid values there.

Regards,
Willy
Received on Thursday, 7 April 2011 16:09:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:39 GMT