From ab5ac962ed09db20946f07316abc60e6ee4c33ae Mon Sep 17 00:00:00 2001 From: Johnathan Gilday Date: Mon, 23 Dec 2024 10:13:20 -0500 Subject: [PATCH] Typo in Proxy Configuration Guidance HTTP documentation includes guidance for configuring a reverse proxy. It states that the proxy should strip "X-Forwarded" and "X-Forwarded-*" headers, but I believe it meant "Forwarded" and "X-Forwarded-*" headers. --- docs/src/main/asciidoc/http-reference.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/main/asciidoc/http-reference.adoc b/docs/src/main/asciidoc/http-reference.adoc index 10b58e6b2866b..3b1aa4bc1df4a 100644 --- a/docs/src/main/asciidoc/http-reference.adoc +++ b/docs/src/main/asciidoc/http-reference.adoc @@ -554,7 +554,7 @@ quarkus.http.proxy.trusted-proxies=127.0.0.1 <1> ---- <1> Configure trusted proxy with the IP address `127.0.0.1`. Request headers from any other address are going to be ignored. -Both configurations related to standard and non-standard headers can be combined, although the standard headers configuration will have precedence. However, combining them has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-*` headers from the client. +Both configurations related to standard and non-standard headers can be combined, although the standard headers configuration will have precedence. However, combining them has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `Forwarded` or `X-Forwarded-*` headers from the client. Supported forwarding address headers are: