trustProxyHeaders: true does not seem to work as expected #33169

@acailly

Command

run

Is this a regression?

  • Yes, this behavior used to work in the previous version

The previous version in which this bug was not present was

No response

Description

If I understand correctly what's written here and here, when I put trustProxyHeaders: true, I should not have the following errors anymore:

Received "x-forwarded-client-cert" header but "trustProxyHeaders" was not set up to allow it.
For more information, see https://angular.dev/best-practices/security#configuring-trusted-proxy-headers
Received "x-forwarded-for" header but "trustProxyHeaders" was not set up to allow it.
For more information, see https://angular.dev/best-practices/security#configuring-trusted-proxy-headers

But I still have them 😄

However, when I put:

trustProxyHeaders: [
  'x-forwarded-proto',
  'x-forwarded-host',
  'x-forwarded-prefix',
  'x-forwarded-for',
  'x-forwarded-client-cert',
  'x-forwarded-email',
  'x-forwarded-groups',
],

Then the errors disappear.

When I look at the pull request for this feature, I see that the function isProxyHeaderAllowed won't return true if trustProxyHeaders has the value true. I don't know if it's related.

Minimal Reproduction

With @angular/ssr version 20.3.25, put trustProxyHeaders: true in an app behind a proxy.

Exception or Error

Received "x-forwarded-client-cert" header but "trustProxyHeaders" was not set up to allow it.
For more information, see https://angular.dev/best-practices/security#configuring-trusted-proxy-headers
Received "x-forwarded-for" header but "trustProxyHeaders" was not set up to allow it.
For more information, see https://angular.dev/best-practices/security#configuring-trusted-proxy-headers

Your Environment

Angular CLI: 20.3.25
Node: 22.22.2
Package Manager: npm 10.8.2
OS: win32 x64


Angular: 20.3.20
... animations, common, compiler, compiler-cli, core, forms
... platform-browser, platform-browser-dynamic, platform-server
... router

Package                      Version
------------------------------------
@angular-devkit/architect    0.2003.25
@angular-devkit/core         20.3.25
@angular-devkit/schematics   20.3.25
@angular/build               20.3.25
@angular/cdk                 20.2.14
@angular/cli                 20.3.25
@angular/google-maps         20.2.14
@angular/material            20.2.14
@angular/ssr                 20.3.25
@schematics/angular          20.3.25
rxjs                         7.8.2
typescript                   5.8.3
zone.js                      0.15.1

Anything else relevant?

No response
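
The report above uses the option in two shapes, `true` and a list of header names. The sketch below is an added example, not part of the issue and not Angular's source: it shows an allowlist check that handles both shapes and matches names case-insensitively. All function and type names are hypothetical, the sample headers are constructed, and treating `false`/`undefined` as "trust none" is an assumption of the sketch.

```typescript
// Added illustration, not Angular's source: every name below is hypothetical.
type TrustProxyHeaders = boolean | string[] | undefined;

const PROXY_PREFIX = 'x-forwarded-';

// Decide whether one incoming header may be used by the server.
function isProxyHeaderTrusted(name: string, trust: TrustProxyHeaders): boolean {
  const header = name.toLowerCase(); // header names are case-insensitive
  if (header.indexOf(PROXY_PREFIX) !== 0) {
    return true; // not a proxy header, so this check does not apply
  }
  if (trust === true) {
    return true; // boolean form: trust every proxy header
  }
  if (Array.isArray(trust)) {
    // list form: trust only the names that were listed
    return trust.some((allowed) => allowed.toLowerCase() === header);
  }
  return false; // false or undefined: trust none (assumption of this sketch)
}

interface FilterResult {
  kept: { [name: string]: string };
  rejected: string[];
}

// Split request headers into the ones kept and the proxy headers dropped.
function filterProxyHeaders(
  headers: { [name: string]: string },
  trust: TrustProxyHeaders,
): FilterResult {
  const result: FilterResult = { kept: {}, rejected: [] };
  Object.keys(headers).forEach((name) => {
    if (isProxyHeaderTrusted(name, trust)) {
      result.kept[name.toLowerCase()] = headers[name];
    } else {
      result.rejected.push(name.toLowerCase());
    }
  });
  return result;
}

// Constructed sample request as it might arrive from a reverse proxy.
const sampleHeaders = {
  'X-Forwarded-For': '203.0.113.7',
  'x-forwarded-client-cert': 'constructed-value',
  accept: 'text/html',
};
```

A regression test for the behaviour described in this report would call the check once with `true` and once with the equivalent list and expect the same set of rejected headers, which is empty for the sample above.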
