View Issue Details

IDProjectCategoryView StatusLast Update
0001111savapage-server[All Projects] Generalpublic2020-01-24 19:23
ReporterrijkrAssigned Torijkr 
PrioritynormalSeverityfeatureReproducibilityN/A
Status assignedResolutionopen 
Product Version1.1.0 
Target Version1.2.0Fixed in Version 
Summary0001111: Use HTTP XFF header to retrieve client IP address
DescriptionIST: The Remote IP address from a HTTP Request is used as Client IP address. When client requests go through an HTTP Proxy or load balancer, the Remote IP address will be the IP address of the proxy or load balancer only. In that case the Remote IP address can't be used to define Terminal devices or to restrict access to SavaPage objects (Queues, Web Services, etc).
SOLL-1: Add configuration property "webserver.http.header.xff.enable" N (default) | Y. If Y, the HTPP "X-Forwarded-For" header is used to retrieve the Client IP address.
SOLL-2: Add configuration property "webserver.http.header.xff.proxies.allowed": a CIDR range of allowed proxies. If empty all Proxy IP addresses are allowed.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2020-01-24 19:23 rijkr New Issue
2020-01-24 19:23 rijkr Status new => assigned
2020-01-24 19:23 rijkr Assigned To => rijkr