Page MenuHomePhabricator
Create Task
Maniphest T266680

Cloud VPS Proxy does not set X-Forwarded-For
Closed, InvalidPublicBUG REPORT
Actions

Description

Steps to Reproduce

  1. Setup a Cloud VPS with a Proxy.
  2. Inspect the request headers from the instance

Actual Results
There is an X-Forwarded-Proto but no X-Forwarded-For. The lack of X-Forwarded-For means that the IP address recorded for edits in MediaWiki is that of the proxy, not of the user who made the request.

Expected Results
An X-Forwarded-For header containing the user's public IP address

Related Objects

Event Timeline

dbarratt created this task.Oct 28 2020, 3:30 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 28 2020, 3:30 PM
aborrero triaged this task as Low priority.Oct 29 2020, 2:03 PM
aborrero added a project: cloud-services-team (Kanban).
aborrero subscribed.

This is a feature, not a bug. We however have a mechanism for whitelisting FQDNs that really need this information, see T135046: Allowlist Cloud VPS instances that need XFF header passed through the web proxy for context.

bd808 closed this task as Invalid.Oct 30 2020, 12:20 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits