You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: content/docs/reference/x-forwarded-for-http-header.mdx
+6-2
Original file line number
Diff line number
Diff line change
@@ -17,9 +17,13 @@ import TabItem from '@theme/TabItem';
17
17
18
18
## Summary
19
19
20
-
**X-Forwarded-For HTTP Header** indicates the IP addresses that a request has flowed through on its way from the client to the server.
20
+
The `X-Forwarded-For` HTTP header can be used to indicate the IP addresses through which a request has flowed on its way from the end user to an upstream service.
21
21
22
-
Do not append proxy IP addresses to the `x-forwarded-for` HTTP header. See the [Envoy](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers.html?highlight=skip_xff_append#x-forwarded-for) docs for more information.
22
+
By default, when Pomerium receives a request it will append the IP address of its direct downstream peer to this header value, before proxying the request to the upstream service.
23
+
24
+
However, if you set the `skip_xff_append` option to true, Pomerium will not modify any incoming `X-Forwarded-For` HTTP header. Pomerium will instead pass this incoming header to the upstream service unchanged.
25
+
26
+
See the [Envoy](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers.html?highlight=skip_xff_append#x-forwarded-for) docs for more information about the `X-Forwarded-For` header.
0 commit comments