You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by "bzp2010 (via GitHub)" <gi...@apache.org> on 2023/03/24 15:06:51 UTC
[GitHub] [apisix] bzp2010 opened a new issue, #9164: bug: X-Forwarded-For logic error in real-ip plugin
bzp2010 opened a new issue, #9164:
URL: https://github.com/apache/apisix/issues/9164
### Current Behavior
When there are multiple IPs in XFF, real-ip will use the last IP as the source IP.
[code](https://github.com/apache/apisix/blob/master/apisix/plugins/real-ip.lua#L91-L100)
### Expected Behavior
According to MDN Web Docs, when XFF has multiple values, the first IP will be the client IP.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#syntax
### Error Logs
_No response_
### Steps to Reproduce
1. Enable the real-ip plugin and try to send an XFF header with multiple IPs, APISIX will get the wrong one.
In fact, according to the code and MDN documentation, it has indeed been proven beyond doubt that there is an error here. And this error has existed for a long time.
### Environment
- APISIX version (run `apisix version`): 3.2.0 on master branch
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] bzp2010 commented on issue #9164: bug: X-Forwarded-For logic error in real-ip plugin
Posted by "bzp2010 (via GitHub)" <gi...@apache.org>.
bzp2010 commented on issue #9164:
URL: https://github.com/apache/apisix/issues/9164#issuecomment-1483743807
This is a misidentification, and with a function like http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_recursive we can correctly handle request headers for multiple IPs.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] kellyseeme commented on issue #9164: bug: X-Forwarded-For logic error in real-ip plugin
Posted by "kellyseeme (via GitHub)" <gi...@apache.org>.
kellyseeme commented on issue #9164:
URL: https://github.com/apache/apisix/issues/9164#issuecomment-1520029801
i change it in my docker,and restart it ,why it not affected?also the wrong results?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] bzp2010 closed issue #9164: bug: X-Forwarded-For logic error in real-ip plugin
Posted by "bzp2010 (via GitHub)" <gi...@apache.org>.
bzp2010 closed issue #9164: bug: X-Forwarded-For logic error in real-ip plugin
URL: https://github.com/apache/apisix/issues/9164
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org