Changes with Apache 2.3.11
+ *) mod_proxy_http: make adding of X-Forwarded-* headers configurable.
+ ProxyAddHeaders defaults to On. [Vincent Deffontaines]
+
*) mod_slotmem_shm: Increase memory alignment for slotmem data.
[Rainer Jung]
</usage>
</directivesynopsis>
+<directivesynopsis>
+<name>ProxyAddHeaders</name>
+<description>Add proxy information in X-Forwarded-* headers</description>
+<syntax>ProxyAddHeaders Off|On</syntax>
+<default>ProxyAddHeaders On</default>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+</contextlist>
+<compatibility>Available in version 2.3.10 and later</compatibility>
+
+<usage>
+ <p>This directive determines whether or not proxy related information should be passed to the
+ backend server through X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server HTTP headers.</p>
+ <note><title>Effectiveness</title>
+ <p>This option is of use only for HTTP proxying, as handled by <module>mod_proxy_http</module>.</p>
+ </note>
+
+
+</usage>
+</directivesynopsis>
</modulesynopsis>
new->interpolate_env = -1; /* unset */
new->error_override = 0;
new->error_override_set = 0;
+ new->add_forwarded_headers = 1;
return (void *) new;
}
new->error_override_set = add->error_override_set || base->error_override_set;
new->alias = (add->alias_set == 0) ? base->alias : add->alias;
new->alias_set = add->alias_set || base->alias_set;
+ new->add_forwarded_headers = add->add_forwarded_headers;
return new;
}
conf->error_override_set = 1;
return NULL;
}
+static const char *
+ add_proxy_http_headers(cmd_parms *parms, void *dconf, int flag)
+{
+ proxy_dir_conf *conf = dconf;
+ conf->add_forwarded_headers = flag;
+ return NULL;
+}
static const char *
set_preserve_host(cmd_parms *parms, void *dconf, int flag)
{
"A balancer or worker name with list of params"),
AP_INIT_TAKE1("ProxySourceAddress", set_source_address, NULL, RSRC_CONF,
"Configure local source IP used for request forward"),
+ AP_INIT_FLAG("ProxyAddHeaders", add_proxy_http_headers, NULL, RSRC_CONF|ACCESS_CONF,
+ "on if X-Forwarded-* headers should be added or completed"),
{NULL}
};
int preserve_host_set:1;
int error_override_set:1;
int alias_set:1;
+ int add_forwarded_headers:1;
} proxy_dir_conf;
/* if we interpolate env vars per-request, we'll need a per-request
* a forward proxy configuation instead of X-Forwarded-*. See the
* ProxyVia option for details.
*/
-
- if (PROXYREQ_REVERSE == r->proxyreq) {
- const char *buf;
-
- /* Add X-Forwarded-For: so that the upstream has a chance to
- * determine, where the original request came from.
- */
- apr_table_mergen(r->headers_in, "X-Forwarded-For",
- c->remote_ip);
-
- /* Add X-Forwarded-Host: so that upstream knows what the
- * original request hostname was.
- */
- if ((buf = apr_table_get(r->headers_in, "Host"))) {
- apr_table_mergen(r->headers_in, "X-Forwarded-Host", buf);
- }
-
- /* Add X-Forwarded-Server: so that upstream knows what the
- * name of this proxy server is (if there are more than one)
- * XXX: This duplicates Via: - do we strictly need it?
- */
- apr_table_mergen(r->headers_in, "X-Forwarded-Server",
- r->server->server_hostname);
+ if (dconf->add_forwarded_headers) {
+ if (PROXYREQ_REVERSE == r->proxyreq) {
+ const char *buf;
+
+ /* Add X-Forwarded-For: so that the upstream has a chance to
+ * determine, where the original request came from.
+ */
+ apr_table_mergen(r->headers_in, "X-Forwarded-For",
+ c->remote_ip);
+
+ /* Add X-Forwarded-Host: so that upstream knows what the
+ * original request hostname was.
+ */
+ if ((buf = apr_table_get(r->headers_in, "Host"))) {
+ apr_table_mergen(r->headers_in, "X-Forwarded-Host", buf);
+ }
+
+ /* Add X-Forwarded-Server: so that upstream knows what the
+ * name of this proxy server is (if there are more than one)
+ * XXX: This duplicates Via: - do we strictly need it?
+ */
+ apr_table_mergen(r->headers_in, "X-Forwarded-Server",
+ r->server->server_hostname);
+ }
}
proxy_run_fixups(r);
projects / apache / commitdiff