Support X-Forwarded-For header from reverse proxy #3455
kantlivelong
started this conversation in
Feature Request
Replies: 2 comments
-
I also wanted to note that the auth process has a partial implementation for this though it does not include the whitelist which would allow an attacker to spoof any IP desired in the auth log. https://github.com/mealie-recipes/mealie/blob/mealie-next/mealie/routes/auth/auth.py#L40 |
Beta Was this translation helpful? Give feedback.
0 replies
-
Notes for implementation: these logs are from uvicorn. It looks like we may just need to provide a flag on start. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
First Check
Please provide a concise description of the problem that would be addressed by this feature.
Mealie does not properly log the client IP when behind a reverse proxy.
Example:
The client IP in my case would either be an internet address or an address from my LAN other than the reverse proxy. In this case the IP is from Istios mTLS proxy.
Please provide a concise description of the feature that would resolve your issue.
Recognizing the X-Forwarded-For header.
Please consider and list out some caveats or tradeoffs made in your design decision
Mealie must also have a complimentary trusted proxy IP/CIDR list.
Additional Information
Beta Was this translation helpful? Give feedback.
All reactions