New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Document why REMOTE_ADD may not be the user's IP address #1037

Merged
merged 1 commit into from May 22, 2015

Conversation

Projects
None yet
4 participants
@Starefossen
Contributor

Starefossen commented May 21, 2015

This PR updates the Gunicorn deploy documentation on why REMOTE_ADDR may not always be the IP address of the user.

Close: #1035
Related: #633

Signed-off-by: Hans Kristian Flaatten hans.kristian.flaatten@turistforeningen.no

Starefossen added a commit to Starefossen/gunicorn that referenced this pull request May 21, 2015

Document why `REMOTE_ADD` may not be the user's IP
Gunicorn v19 removed functionality which updated `REMOTE_ADDR` to the value of
the `X-Forwared-For` header if received from a trusted upstream client.  This
was a violation of RFC 3875 CGI Version 1.1, and was hence removed.

Close: #1035
PR-URL: #1037
Related: #633

Signed-off-by: Hans Kristian Flaatten <hans.kristian.flaatten@turistforeningen.no>

@Starefossen Starefossen changed the title from Document why `REMOTE_ADD` may not be the user's IP to Document why REMOTE_ADD may not be the user's IP address May 21, 2015

@berkerpeksag

This comment has been minimized.

Show comment
Hide comment
@berkerpeksag

berkerpeksag May 21, 2015

Collaborator

LGTM

Collaborator

berkerpeksag commented May 21, 2015

LGTM

@Starefossen

This comment has been minimized.

Show comment
Hide comment
@Starefossen

Starefossen May 21, 2015

Contributor

Maybe also add that REMOTE_ADDR will be empty if you bind Gunicorn to a unix socket as well?

Contributor

Starefossen commented May 21, 2015

Maybe also add that REMOTE_ADDR will be empty if you bind Gunicorn to a unix socket as well?

@benoitc

This comment has been minimized.

Show comment
Hide comment
@benoitc

benoitc May 21, 2015

Owner

@Starefossen good idea :)

Owner

benoitc commented May 21, 2015

@Starefossen good idea :)

Starefossen added a commit to Starefossen/gunicorn that referenced this pull request May 21, 2015

Document why `REMOTE_ADD` may not be the user's IP
Gunicorn v19 removed functionality which updated `REMOTE_ADDR` to the value of
the `X-Forwared-For` header if received from a trusted upstream client.  This
was a violation of RFC 3875 CGI Version 1.1, and was hence removed.

Close: #1035
PR-URL: #1037
Related: #633

Signed-off-by: Hans Kristian Flaatten <hans.kristian.flaatten@turistforeningen.no>
@Starefossen

This comment has been minimized.

Show comment
Hide comment
@Starefossen

Starefossen May 21, 2015

Contributor

Ok, I have now amended a paragraph to my original commit.

Contributor

Starefossen commented May 21, 2015

Ok, I have now amended a paragraph to my original commit.

Show outdated Hide outdated docs/source/deploy.rst

Starefossen added a commit to Starefossen/gunicorn that referenced this pull request May 21, 2015

Document why `REMOTE_ADD` may not be the user's IP
Gunicorn v19 removed functionality which updated `REMOTE_ADDR` to the value of
the `X-Forwared-For` header if received from a trusted upstream client.  This
was a violation of RFC 3875 CGI Version 1.1, and was hence removed.

Close: #1035
PR-URL: #1037
Related: #633

Signed-off-by: Hans Kristian Flaatten <hans.kristian.flaatten@turistforeningen.no>
Show outdated Hide outdated docs/source/deploy.rst
@tilgovi

This comment has been minimized.

Show comment
Hide comment
@tilgovi

tilgovi May 21, 2015

Collaborator

I love documentation PRs!!! :) :)

Collaborator

tilgovi commented May 21, 2015

I love documentation PRs!!! :) :)

@berkerpeksag

This comment has been minimized.

Show comment
Hide comment
@berkerpeksag

berkerpeksag May 21, 2015

Collaborator

@tilgovi +1 :)

Collaborator

berkerpeksag commented May 21, 2015

@tilgovi +1 :)

@benoitc

This comment has been minimized.

Show comment
Hide comment
@benoitc
Owner

benoitc commented May 21, 2015

Document why `REMOTE_ADD` may not be the user's IP
Gunicorn v19 removed functionality which updated `REMOTE_ADDR` to the value of
the `X-Forwared-For` header if received from a trusted upstream client.  This
was a violation of RFC 3875 CGI Version 1.1, and was hence removed.

Close: #1035
PR-URL: #1037
Related: #633

Signed-off-by: Hans Kristian Flaatten <hans.kristian.flaatten@turistforeningen.no>
@Starefossen

This comment has been minimized.

Show comment
Hide comment
@Starefossen

Starefossen May 21, 2015

Contributor

I'm just happy to be of any help. Thank you for making Gunicorn ❤️

Contributor

Starefossen commented May 21, 2015

I'm just happy to be of any help. Thank you for making Gunicorn ❤️

berkerpeksag added a commit that referenced this pull request May 22, 2015

Merge pull request #1037 from Starefossen/remote-addr-disambiguation
Document why REMOTE_ADD may not be the user's IP address

@berkerpeksag berkerpeksag merged commit e6cf15c into benoitc:master May 22, 2015

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
@berkerpeksag

This comment has been minimized.

Show comment
Hide comment
@berkerpeksag

berkerpeksag May 22, 2015

Collaborator

Thanks!

Collaborator

berkerpeksag commented May 22, 2015

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment