Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is a full specification of X-Forwarded-Proto HTTP header?

What is a full specification of X-Forwarded-Proto HTTP header values?

like image 865
yegor256 Avatar asked Oct 28 '12 17:10

yegor256


People also ask

What is X-Forwarded proto header?

The X-Forwarded-Proto (XFP) header is a de-facto standard header for identifying the protocol (HTTP or HTTPS) that a client used to connect to your proxy or load balancer.

How do you see X is forwarded for a header?

To check the X-Forwarded-For in action go to Inspect Element -> Network check the request header for X-Forwarded-For like below.

What is X real IP header?

The X-Real-IP header provides the client's IP address. For example: X-Real-IP: 192.168.0.10.


1 Answers

There is no "full specification" -- it's a de facto standard. The X- in front of a header name customarily* has denoted it as experimental/non-standard/vendor-specific. Once it's a standard part of HTTP, it'll lose the prefix.

There's some work from the IETF on standardizing it, but it's just at the draft stages, as far as i can tell. Check out https://datatracker.ietf.org/doc/html/draft-ietf-appsawg-http-forwarded-10 for the latest draft as of the time of this writing. But be aware that it can change at any time while it's being fleshed out, and don't rely on it in production stuff yet.

Update:

RFC 7239 now defines the Forwarded: header, which is intended to replace X-Forwarded-*. If you care about standards, i would recommend using that instead.


* This used to be an official thing, but no longer is. RFC 6648 deprecates the X- prefixing convention. Unfortunately, the convention is so widely known (and the deprecation so low-key) that most people outside the IETF will probably ignore the recommendation.

like image 136
cHao Avatar answered Sep 30 '22 23:09

cHao