Replies: 2 comments 1 reply
-
That's weird we can't now to forward a port. The code in if b"x-forwarded-for" in headers:
# Determine the client address from the last trusted IP in the
# X-Forwarded-For header. We've lost the connecting client's port
# information by now, so only include the host.
x_forwarded_for = headers[b"x-forwarded-for"].decode("latin1")
x_forwarded_for_hosts = [
item.strip() for item in x_forwarded_for.split(",")
]
host = self.get_trusted_client_host(x_forwarded_for_hosts)
port = 0 # Why?
scope["client"] = (host, port) # type: ignore[arg-type] |
Beta Was this translation helpful? Give feedback.
-
Running into this as well. As a result, my application code is seeing the wrong URL (the reverse proxy's external port is simply dropped). This is messing up SAML redirection. @tomchristie the comment about having lost the port information dates back to 2019: 723d3dc#diff-2aac760f9130c977efeb1e27f47935b2fafbae726eac7fb42ed22a2ff6557667R38-R39 Any reason it doesn't just look for |
Beta Was this translation helpful? Give feedback.
-
From the documentation:
--proxy-headers / --no-proxy-headers Enable/Disable X-Forwarded-Proto, X-Forwarded-For, X-Forwarded-Port to populate remote address info.
But I've noticed that, when the flag is set, the
X-Forwarded-Port
is not actually used by the application, and the source port is always set to 0.This has to do with how the `ProxyHeadersMiddleware' is implemented, which does not match the behavior described in the docs.
Beta Was this translation helpful? Give feedback.
All reactions