Overridding header

Comments

2 comments

  • Richard Alpagot

    Hi Nav, please see the reference on: req.http.Fastly-Client-IP which is a good way to log the IP of the inbound client to Fastly. This also avoids logging the edge node cache IP instead of the client when shielding.

  • Ichi Ichimura

    Hi Nav,

    After you save "true client ip" on a new header from x-forwarder-for header, you can unset the header before the request goes to origin. So you can add VCL below on vclmiss & vclpass as these subroutines are only place the request goes to the origin.

    if (req.http.x-forwarded-for){ unset bereq.http.x-forwarded-for; }

    I created that on fiddle. Please take a look.

    Just wanted to mention that Fastly adds/appends X-Forwarded headers when incoming request is TLS. If incoming requests have X-Forwarded headers, Fastly appends to it and if not, these headers are newly added.

    Here is documents for our new headers as Richard mentioned! https://docs.fastly.com/guides/basic-configuration/adding-or-modifying-headers-on-http-requests-and-responses#common-sources-of-new-content

    Let us know if you need more clarifications / advice!

    Ichi

Please sign in to leave a comment.