View Issue Details

IDProjectCategoryView StatusLast Update
0001111savapage-server[All Projects] Generalpublic2020-03-19 14:35
ReporterrijkrAssigned Torijkr 
Status resolvedResolutionfixed 
Product Version1.1.0 
Target Version1.2.0Fixed in Version1.2.0 
Summary0001111: Use HTTP XFF header to retrieve client IP address
DescriptionIST: The Remote IP address from a HTTP Request is used as Client IP address. When client requests go through an HTTP Proxy or load balancer, the Remote IP address will be the IP address of the proxy or load balancer only. In that case the Remote IP address can't be used to define Terminal devices or to restrict access to SavaPage objects (Queues, Web Services, etc).
SOLL-1: Add configuration property "webserver.http.header.xff.enable" N (default) | Y. If Y, the HTPP "X-Forwarded-For" header is used to retrieve the Client IP address.
SOLL-2: Add configuration property "webserver.http.header.xff.proxies.allowed": a CIDR range of allowed proxies. If empty all Proxy IP addresses are allowed.
TagsNo tags attached.


There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2020-01-24 19:23 rijkr New Issue
2020-01-24 19:23 rijkr Status new => assigned
2020-01-24 19:23 rijkr Assigned To => rijkr
2020-03-19 14:35 rijkr Status assigned => resolved
2020-03-19 14:35 rijkr Resolution open => fixed
2020-03-19 14:35 rijkr Fixed in Version => 1.2.0