Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reliably access client IP address behind Azure Front Door #79394

Closed
sciguy16 opened this issue Aug 6, 2021 · 3 comments
Closed

Reliably access client IP address behind Azure Front Door #79394

sciguy16 opened this issue Aug 6, 2021 · 3 comments
Assignees
@SaiKishor-MSFT
Labels
cxp frontdoor/svc needs-more-info Pri2 product-question triaged

Comments

@sciguy16
Copy link

sciguy16 commented Aug 6, 2021

Hi, I'm looking at the documentation for the X-Azure-ClientIP and X-Azure-SocketIP headers and it's not completely clear to me how they will behave if a client sends a request with their own value for these. X-Forwarded-For explicitly states that Front Door will append an additional value if the incoming request includes one, and X-Azure-SocketIP suggests that X-Azure-ClientIP might get overwritten by a user.

What's the recommended way to get the client's IP address in an application behind Azure Front Door while discarding/ignoring user-submitted values?

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
@SaiKishor-MSFT SaiKishor-MSFT self-assigned this Aug 6, 2021
@SaiKishor-MSFT
Copy link
Contributor

Thanks for the feedback! We are currently investigating and will update you shortly.

@SaiKishor-MSFT
Copy link
Contributor

Thanks for leveraging Azure docs feedback channel to raise this question. This channel is reserved for ‘Azure docs’ feedback- for sharing doc feedback and suggesting content improvements. We didn't determine any changes for this documentation upon reviewing this feedback.
If your issue is specific to a use case, we request you to please reach out in forums like Microsoft Q&A or Stackoverflow. We have our engineers and other community members who will be happy to assist. Forums have a better suited audience for such queries. Once your issue is posted in forum, please do share the forum thread link here for tracking.
If you have a document which you are following and if you think it needs an update, please let us know about that here.
Thank you!

@sciguy16
Copy link
Author

@SaiKishor-MSFT Yes, I'm only interested in the values added by Front Door, because other values can easily be spoofed by end users. How do the X-Azure-ClientIP and X-Azure-SocketIP headers behave when an incoming request already has values set for them?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SaiKishor-MSFT SaiKishor-MSFT

Labels
cxp frontdoor/svc needs-more-info Pri2 product-question triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sciguy16 @PRMerger13 @SaiKishor-MSFT