blape@utk.edu writes:
>
> Is there anyway to get the Squid proxy server to send the
>TCP/IP address the machine hitting the web server via the proxy? That is, say
>John Q. Public is on pc101.someplace.edu and is using Netscape which in turn
>uses a proxy server on bigmachine.someplace.edu. Now John clicks on a link to
>http://someother.place.edu/index.html. Normally the web server would see
>bigmachine.someplace.edu calling. How would one configure the proxy server to
>tell someother.place.edu that it is pc101.someplace.edu calling?
See the 1.1 Release Notes:
X-Forwarded-For request header
==============================================================================
Squid used to add a request header called "Forwarded" which appeared
in some early HTTP/1.1 draft documents. This header had the format
Forwarded: by cache-host for client-address
Current HTTP/1.1 draft documents instead use the "Via" header, but it
does not provide any standard way of indicating the client address
in the request. Since a number of people missed having the originating
client address in the request, Squid now adds its own request header
called "X-Forwarded-For" which looks like this:
X-Forwarded-For: 128.138.243.150, unknown, 192.52.106.30
Entries are always IP addresses, or the word "unknown" if the address
could not be determined or if it has been disabled with the
'forwarded_for' configuration option.
We must note that access controls based on this header are extremely
weak and simple to fake. Anyone may hand-enter a request with any IP
address whatsoever. This is perhaps the reason why client IP addresses
have been omitted from the HTTP/1.1 specification.
Duane W.
Received on Wed Jan 22 1997 - 14:10:43 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:09 MST