You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This blog post mentions using all X-Forwarded-For/Forwarded IPs in a "deny if any" access control scheme: disallow if any of the XFF IPs are on a forbidden list. To participate in that scheme, we would need to return all IPs, rather than just one "real" IP.
Is that access controls scheme just hypothetical? Is supporting it outside our purview? Or should we add the functions necessary to enable it?
This wouldn't really be a "strategy". Probably just a function that takes r.Header and returns a slice of strings. Maybe only valid ones? Maybe not?
The text was updated successfully, but these errors were encountered:
This blog post mentions using all
X-Forwarded-For
/Forwarded
IPs in a "deny if any" access control scheme: disallow if any of the XFF IPs are on a forbidden list. To participate in that scheme, we would need to return all IPs, rather than just one "real" IP.Is that access controls scheme just hypothetical? Is supporting it outside our purview? Or should we add the functions necessary to enable it?
This wouldn't really be a "strategy". Probably just a function that takes
r.Header
and returns a slice of strings. Maybe only valid ones? Maybe not?The text was updated successfully, but these errors were encountered: