[Web-SIG] REMOTE_ADDR and proxys
Damjan Georgievski
gdamjan at gmail.com
Tue Sep 30 00:39:11 CEST 2014
On 29 September 2014 23:14, Collin Anderson <cmawebsite at gmail.com> wrote:
> Thanks guys. So it sounds like it should be the responsibility of a
> middleware to re normalize the environment?
I don't think it's always like that.
The knowledge of the setup related to REMOTE_ADDR and trusted proxies
is with the system admin,
and he is the one setting up the WSGI server. So unless the developer
implements and allows configuring
the said middleware, sys-admins hands are tied to do anything about it.
BTW, currently when I use nginx/uwsgi I have to configure my nginx
what its trusted proxies are, and what headers (or else they use) and
uwsgi luckily doesn't need additional setup when using the uwsgi
protocol, it just gets the nginx REMOTE_ADDR info.
--
damjan
More information about the Web-SIG
mailing list