[COUCHDB-1421] Wrong X-Forwarded-For address chosen as "peer" - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: HTTP Interface
Labels:
None

Description

I noticed that in the Mochiweb code, it uses the last item of the X-Forwarded-For list as the peer:
https://github.com/apache/couchdb/blob/master/src/mochiweb/mochiweb_request.erl#L82

But shouldn't this snag the first item of the list instead? http://tools.ietf.org/html/draft-petersson-forwarded-for-02#section-5.2 says "the first for-parameter will disclose the user agent where the request first was made" — the user agent is what I'd want as an app developer, not the second-nearest proxy.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Nathan Vander Wilt

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 24/Feb/12 02:04

Updated:: 02/Sep/18 06:36

Resolved:: 02/Sep/18 06:36