Closed antoniozh closed 3 months ago
In my case, only localhost was shown as the IP address, so I'm afraid not. Edit: I checked the MS docs and it seems like you are right about the forward options, but I'm not sure why the x-forwarded-for headers are not taken into account
Edit 2: This might be the reason: https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-8.0
"If no ForwardedHeadersOptions are specified or applied directly to the extension method with UseForwardedHeaders, the default headers to forward are ForwardedHeaders.None. The ForwardedHeaders property must be configured with the headers to forward."
specified or applied directly t
good catch!
i believe this no longer needed
Description
I added an if-case in VideoStreamsController that checks for the X-Forwarded-For header so that when a reverse proxy is used, the client host panel will show the proxied IP instead. There could be some setting in the future for a trusted downstream proxy, but I'll just conveniently assume that a client which can already access the server is unlikely an attacker.
Issues Fixed or Closed
Type of Change
Please delete options that are not relevant.
Checklist