X-Forwarded-Proto / X_FORWARDED_PROTO
Iñaki Baz Castillo
ibc at aliax.net
Sat Jan 9 17:33:41 EST 2010
El Sábado, 9 de Enero de 2010, skaar escribió:
> think I came across an issue with the parser in unicorn, with a request
> (due to 2 layers of nginx proxying) coming across with both a
> X_FORWARDED_PROTO and a X-Forwarded-Proto header. From the socket (in
> HttpRequest) - we get:
> X_FORWARDED_PROTO: http
> X-Forwarded-Proto: https
> which is parsed to
> There was a passenger ticket that describes that from nginx's point of
> view - X-Forwarded-Proto is the "correct" form.
Rack specs require "-" being converted to "_" in header names, so both header
X_FORWARDED_PROTO and X-Forwarded-Proto become the same header.
Then we have two headers with same name and different value. Some headers are
defined as "multivalue" which means that they would have the same meaning if
an unique header exists containing both values separated by comma (the top one
is equivalent to:
X_FORWARDED_PROTO: http, https
However it's not true that *any* header behaves in this way, but just headers
defined in such way (by the standards). For example two "Authorization"
headers cannot be joined in a single header.
So it's not totally safe to assume that any header appearing various times
could be a single header with their values separated by comma, however I think
it's a good approach.
More correct would be that Unicorn parses uknown headers appearing more than
one time by setting a Array as value:
X_FORWARDED_PROTO: ["http", "https"]
Unfortunately this is not allowed in Rack specifications.
Iñaki Baz Castillo <ibc at aliax.net>
More information about the mongrel-unicorn