Comments (6)
Hi, I'm GitMate.io!
It seems you've just enabled the issue triaging. I'm just scraping all issues from your repository and will give you some more information about this in a few minutes or so.
Because of the rate limit we can't scrape all information (including all comments and authors) right now - our system is already set up to scrape this in the next days over which the predictions will become more precise every day.
If you want me to use a different account for triaging your issues, simply create one and log in with it.
Sit tight!
from aiohttp-remotes.
XForwardedStrict
is intended to be used in a config with reverse proxy.
If it was configured for proxy but no X-Forwarded
header is present -- it is a configuration (or deployment) error.
If you don't need such strict security -- use XForwardedRelaxed
(which could be compromised but maybe good enough for your case).
from aiohttp-remotes.
Andrew: Thanks for your speedy response (and the great library).
I disagree with the premise that it is a deployment configuration issue as I want to run the same code in development (desktop without a proxy) and deployment (behind a proxy).
In production environments, I frequently find the need to access the service directly via a curl command (testing new deploys, monitoring, etc.)--though I could add an X-Forwarded-For header to the curl command.
I put together a pull request (including test), with the understanding that your use case is different than mine.
Regards, Ray
from aiohttp-remotes.
Say again, if you want to pass over the strict check -- use XForwardedRelaxed
.
from aiohttp-remotes.
from aiohttp-remotes.
I agree we have a different understanding of the library usage.
I use different configs for development and production.
XForwardedStrict
policy is not installed on a dev box. It is pretty easy.
For handling health checks and monitoring I use a whitelist of internal paths: XForwardedStrict(['x.x.x.x'], white_paths=('/ping', '/monitor'))
from aiohttp-remotes.
Related Issues (10)
- Add support IP address including port in X_FORWARDED_FOR header HOT 2
- Cloudflare setup can be faster via asyncio.gather HOT 1
- X-Forwarded middleware that filters out trusted values
- (X-)Forwarded not compatible with AF_INET6 HOT 1
- Dependabot couldn't authenticate with https://pypi.python.org/simple/
- Update all `secret: ` values in `.travis.yml` HOT 3
- XForwardedXXX Does not allow more than proxy in the X-Forwarded-For header. HOT 2
- Access logger does not use correct remote address HOT 3
- [Bug?] TooManyHeaders(hdrs.X_FORWARDED_FOR) is raised due to duplicate IPs HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aiohttp-remotes.