ProxyFixMiddleware: Turns out GCP LBs and possibly AWS LBs only have one value in `x-forwarded-proto`

pgjones / hypercorn

Hypercorn is an ASGI and WSGI Server based on Hyper libraries and inspired by Gunicorn.

MIT License

1.18k stars 105 forks source link

ProxyFixMiddleware: Turns out GCP LBs and possibly AWS LBs only have one value in `x-forwarded-proto` #242

Open nabheet opened 5 months ago

nabheet commented 5 months ago

I am not sure about the best way to handle this test case if there are multiple IPs in X-Forwarded-For but only one value in X-Forwarded-Proto (or not the same amount).

In GCP, X-Forward-Proto always has only one value.

In AWS, X-Forwarded-Proto always has only one value.

nabheet commented 5 months ago

Looks like MDN also assumes single value.

Wondering if the best way to handle it is to use the hops if that many values exist, otherwise default to the first one from the left. Or if we have hops set to 5, but only 4 x-forwarded-proto headers exist, maybe use the first one from the left as that would be the last one from the right. Man this is so confusing!!! 😄