mirror of
https://github.com/frappe/gunicorn.git
synced 2026-07-02 18:51:31 +08:00
Update config.py
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
This commit is contained in:
parent
fb698ef0f7
commit
cc974da87e
@ -1346,61 +1346,20 @@ class ForwardedAllowIPS(Setting):
|
|||||||
In each case, we have a request from the remote address 134.213.44.18, and the default value of
|
In each case, we have a request from the remote address 134.213.44.18, and the default value of
|
||||||
``secure_scheme_headers``:
|
``secure_scheme_headers``:
|
||||||
|
|
||||||
.. code::
|
```python
|
||||||
|
|
||||||
secure_scheme_headers = {
|
secure_scheme_headers = {
|
||||||
'X-FORWARDED-PROTOCOL': 'ssl',
|
'X-FORWARDED-PROTOCOL': 'ssl',
|
||||||
'X-FORWARDED-PROTO': 'https',
|
'X-FORWARDED-PROTO': 'https',
|
||||||
'X-FORWARDED-SSL': 'on'
|
'X-FORWARDED-SSL': 'on'
|
||||||
}
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
| forwarded-allow-ips | Secure Request Headers | Result | Explanation |
|
||||||
.. list-table::
|
| ------------------- | -------------------------------------------------- | ------------------------------- | ----------------------------------------------------------------------------- |
|
||||||
:header-rows: 1
|
| `"127.0.0.1"` | `X-Forwarded-Proto: https` | `wsgi.url_scheme = "http"` | IP address was not allowed |
|
||||||
:align: center
|
| `"*"` | `<none>` | `wsgi.url_scheme = "http"` | IP address allowed, but no secure headers provided |
|
||||||
:widths: auto
|
| `"*"` | `X-Forwarded-Proto: https` | `wsgi.url_scheme = "https"` | IP address allowed, one request header matched |
|
||||||
|
| `"134.213.44.18"` | `X-Forwarded-Ssl: on`<br>`X-Forwarded-Proto: http` | `InvalidSchemeHeaders()` raised | IP address allowed, but the two secure headers disagreed on if HTTPS was used |
|
||||||
* - ``forwarded-allow-ips``
|
|
||||||
- Secure Request Headers
|
|
||||||
- Result
|
|
||||||
- Explanation
|
|
||||||
* - .. code::
|
|
||||||
|
|
||||||
["127.0.0.1"]
|
|
||||||
- .. code::
|
|
||||||
|
|
||||||
X-Forwarded-Proto: https
|
|
||||||
- .. code::
|
|
||||||
|
|
||||||
wsgi.url_scheme = "http"
|
|
||||||
- IP address was not allowed
|
|
||||||
* - .. code::
|
|
||||||
|
|
||||||
"*"
|
|
||||||
- <none>
|
|
||||||
- .. code::
|
|
||||||
|
|
||||||
wsgi.url_scheme = "http"
|
|
||||||
- IP address allowed, but no secure headers provided
|
|
||||||
* - .. code::
|
|
||||||
|
|
||||||
"*"
|
|
||||||
- .. code::
|
|
||||||
|
|
||||||
X-Forwarded-Proto: https
|
|
||||||
- .. code::
|
|
||||||
|
|
||||||
wsgi.url_scheme = "https"
|
|
||||||
- IP address allowed, one request header matched
|
|
||||||
* - .. code::
|
|
||||||
|
|
||||||
["134.213.44.18"]
|
|
||||||
- .. code::
|
|
||||||
|
|
||||||
X-Forwarded-Ssl: on
|
|
||||||
X-Forwarded-Proto: http
|
|
||||||
- ``InvalidSchemeHeaders()`` raised
|
|
||||||
- IP address allowed, but the two secure headers disagreed on if HTTPS was used
|
|
||||||
|
|
||||||
|
|
||||||
"""
|
"""
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user