Bug 47447

Summary: Add possibility to use client IP as a value in RequestHeader (and Header, too, but this is almost meaningless)
Product: Apache httpd-2 Reporter: Alexey Asemov <alex>
Component: mod_headersAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: NEW ---    
Severity: enhancement CC: alex
Priority: P2 Keywords: PatchAvailable
Version: 2.4.10   
Target Milestone: ---   
Hardware: All   
OS: All   
Attachments: mod_headers %a value format for client IP patch

Description Alexey Asemov 2009-06-29 02:05:26 UTC
Created attachment 23897 [details]
mod_headers %a value format for client IP patch

Some people may want to use Apache as a reverse proxy on a frontends. Alas, mod_rpaf is heavily bugged (.htaccess don't work), and existing small modules like mod_realip2 do not honor X-Forwarded-For header (that is not completely spoof proof also due to possibility of multiple values).

So I decided to add ability to use client IP as a value in mod_headers value formats. It is a small nice enhancement that allows me to add like "X-Real-IP" header on a backend.

The patch for 2.2.11 is attached, it is trivial enough.

Example of use:

RequestHeader set X-Real-IP %a
Comment 1 Alexey Asemov 2009-06-29 02:07:02 UTC
Sorry for small typos there.

"on a frontends" must read "on a frontend"
"on a backend" must read "on a frontend" too
Comment 2 William A. Rowe Jr. 2009-09-24 22:32:34 UTC
Here's my problem with the RequestHeader hacks.  They are hacks.

We have a whole registration system to provide additional providers to %*
log formats, and no way to then expose those to other modules providing
%escape features like RequestHeader.  I had a solution for X-FF based on
picking one of these up, and lo and behold, there is no API in mod_log_config
to recover all the useful extensions added to logging.

The right way to fix this is to move the %escape registration from the
mod_log_config to the core, and let every module who wants to call out to
a new provider in the core which collects all available features.
Comment 3 Vladimir Panteleev 2012-02-12 14:44:55 UTC
What's wrong with using %{REMOTE_ADDR}e ?
Comment 4 Alexey Asemov 2015-01-17 14:14:26 UTC
> What's wrong with using %{REMOTE_ADDR}e ?
Just does not work.
Comment 5 William A. Rowe Jr. 2018-11-07 21:09:02 UTC
Please help us to refine our list of open and current defects; this is a mass update of old and inactive Bugzilla reports which reflect user error, already resolved defects, and still-existing defects in httpd.

As repeatedly announced, the Apache HTTP Server Project has discontinued all development and patch review of the 2.2.x series of releases. The final release 2.2.34 was published in July 2017, and no further evaluation of bug reports or security risks will be considered or published for 2.2.x releases. All reports older than 2.4.x have been updated to status RESOLVED/LATER; no further action is expected unless the report still applies to a current version of httpd.

If your report represented a question or confusion about how to use an httpd feature, an unexpected server behavior, problems building or installing httpd, or working with an external component (a third party module, browser etc.) we ask you to start by bringing your question to the User Support and Discussion mailing list, see [https://httpd.apache.org/lists.html#http-users] for details. Include a link to this Bugzilla report for completeness with your question.

If your report was clearly a defect in httpd or a feature request, we ask that you retest using a modern httpd release (2.4.33 or later) released in the past year. If it can be reproduced, please reopen this bug and change the Version field above to the httpd version you have reconfirmed with.

Your help in identifying defects or enhancements still applicable to the current httpd server software release is greatly appreciated.
Comment 6 Christophe JAILLET 2019-06-15 06:21:13 UTC
*** Bug 57451 has been marked as a duplicate of this bug. ***
Comment 7 Christophe JAILLET 2019-06-15 06:23:06 UTC
Re-opening, because the duplicated bug 57451 is related to 2.4.10.
Update Version accordingly