- From: John C. Mallery <jcma@ai.mit.edu>
- Date: Wed, 15 Oct 2003 17:18:55 -0400
- To: Peter Watkins <peterw@usa.net>
- Cc: Mark Nottingham <mnot@mnot.net>, ietf-http-wg@w3.org
At 15:20 -0400 10/15/03, Peter Watkins wrote: >John C. Mallery wrote: > >>So, what happens if there is more than one reverse proxy in the chain? >> >>X-Forwarded-For looks like the ip number of the reverse proxy. >> >>X-Forwarded-server looks like the virtual host (potentially), as you suggest. >> >>What is not clear to me is why Apache can't just pass through the HOST header as >>received and use the VIA header to convey the reverse proxy information to the >>upstream server. >> >>Why is a reverse proxy any different than a forward proxy? Shouldn't the >>VIA header do the job? Do we really need to differentiate the IP number from >>the server domain? Shouldn't the later suffice? > >These sound more like Apache/implementation questions than IETF/HTTP spec questions. Why does Apache, from your research, apparently send a different Host header? I could speculate[0] but I'm not sure this is an appropriate forum for discussing this particular behavior. Hi Peter, Actually this is more like a HTTP WG issue because the area of reverse proxies is a dark corner in the standards, where interoperability can be problematic. Here, we have one example implementation. But, I note that if the reverse proxy is performing SSL encapsulation for the upstream server, the set of headers provided to the upstream server is insufficient for it to realize that https URLs should be generated for any redirects to urls serves through that gateway. It would seem that lack of guidance from standards is leading to problems.
Received on Wednesday, 15 October 2003 17:19:25 UTC