apisix-ingress-controller
apisix-ingress-controller copied to clipboard
apache
bug: 配置x-forwarded-for后不生效
Issue description
在apisix的configmap中添加:add_header: X-Forwarded-For $http_x_forwarded_for后,后端节点依然无法获取X-Forwarded-For,业务场景中有需求获取X-Forwarded-For,目前没有找到如何配置的方法
Environment
- your apisix-ingress-controller version (output of apisix-ingress-controller version --long):
- your Kubernetes cluster version (output of kubectl version):
- if you run apisix-ingress-controller in Bare-metal environment, also show your OS version (uname -a):
Minimal test code / Steps to reproduce
host=.com x-real-ip=XXXX x-via=1.1 x-forwarded-proto=http x-forwarded-host=.com x-forwarded-port=8080 content-length=4 accept=application/x-protobuf feature=0 useragent=iOS/appstore v****** accept-language=zh-CN content-type=application/x-protobuf charset=UTF-8 ab=-1 user-agent=20.3.0 tid=B3FDD97B4B90 usertoken=61nRWFg cdn-src-ip=XXXX x-cdn-src-port=9234 x-ws-request-id=61f2*451-63789 accept-encoding=gzip
Actual result
nginx_config: # config for render the template to genarate nginx.conf
error_log: "/var/log/ingress-apisix/error.log"
error_log_level: "warn" # warn,error
worker_rlimit_nofile: 65535 # the number of files a worker process can open, should be larger than worker_connections
event:
worker_connections: 60000
http:
enable_access_log: true
access_log: "/var/log/ingress-apisix/access.log"
access_log_format: "[$host] [$remote_addr] [$http_x_forwarded_for] [$remote_user] [$time_local] [$request] [$status] [$body_bytes_sent] [$request_time] [$upstream_addr] [$upstream_response_time] [$connection] [$connection_requests] [$msec] [$uri] [$body_bytes_sent] [$http_referer] [$http_user_agent] [$request_length] [$http_session_id] [$scheme]"
access_log_format_escape: default
keepalive_timeout: 300s # timeout during which a keep-alive client connection will stay open on the server side.
client_header_timeout: 60s # timeout for reading client request header, then 408 (Request Time-out) error is returned to the client
client_body_timeout: 60s # timeout for reading client request body, then 408 (Request Time-out) error is returned to the client
send_timeout: 10s # timeout for transmitting a response to the client.then the connection is closed
underscores_in_headers: "on" # default enables the use of underscores in client request header fields
use_forwarded_headers: 'true'
compute_full_forwarded_for: 'true'
forwarded_for_header: 'X-Forwarded-For'
add_header: X-Forwarded-For $http_x_forwarded_for
Error log
无法获取X-Forwarded-For
Expected result
No response
下面配置是添加的一个test的header proxy_set_header X-Forwarded-for $var_x_forwarded_for; proxy_set_header test $var_x_forwarded_for; 在我们的后端节点上是可以收到的,然而却没有收到X-Forwarded-for 的header host=.com x-real-ip=XXXX test=11XXX0.130, 1XXX.56 x-forwarded-proto=http x-forwarded-host=.com x-forwarded-port=9080 content-length=4 accept=application/x-protobuf
下面是我添加的 X-Forwarded-for header,同时X-Forwarded-for也存在 proxy_set_header X-Forwarded-for $var_x_forwarded_for; proxy_set_header x-forwarded-for $var_x_forwarded_for; 在我们的后端节点上只收到了x-forwarded-for ,也就是说不支持X-Forwarded-for
This issue has been marked as stale due to 90 days of inactivity. It will be closed in 30 days if no further activity occurs. If this issue is still relevant, please simply write any comment. Even if closed, you can still revive the issue at any time or discuss it on the [email protected] list. Thank you for your contributions.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This issue has been closed due to lack of activity. If you think that is incorrect, or the issue requires additional review, you can revive the issue at any time.