目录搜索
GuidesAccess control CORSAuthenticationBrowser detection using the user agentCachingCaching FAQCompressionConditional requestsConnection management in HTTP 1.xContent negotiationContent negotiation: List of default Accept valuesCookiesCSPMessagesOverviewProtocol upgrade mechanismProxy servers and tunnelingProxy servers and tunneling: Proxy Auto-Configuration (PAC) filePublic Key PinningRange requestsRedirectionsResources and specificationsResources and URIsResponse codesServer-Side Access ControlSessionGuides: BasicsBasics of HTTPChoosing between www and non-www URLsData URIsEvolution of HTTPIdentifying resources on the WebMIME TypesMIME types: Complete list of MIME typesCSPContent-Security-PolicyContent-Security-Policy-Report-OnlyCSP: base-uriCSP: block-all-mixed-contentCSP: child-srcCSP: connect-srcCSP: default-srcCSP: font-srcCSP: form-actionCSP: frame-ancestorsCSP: frame-srcCSP: img-srcCSP: manifest-srcCSP: media-srcCSP: object-srcCSP: plugin-typesCSP: referrerCSP: report-uriCSP: require-sri-forCSP: sandboxCSP: script-srcCSP: style-srcCSP: upgrade-insecure-requestsCSP: worker-srcHeadersAcceptAccept-CharsetAccept-EncodingAccept-LanguageAccept-RangesAccess-Control-Allow-CredentialsAccess-Control-Allow-HeadersAccess-Control-Allow-MethodsAccess-Control-Allow-OriginAccess-Control-Expose-HeadersAccess-Control-Max-AgeAccess-Control-Request-HeadersAccess-Control-Request-MethodAgeAllowAuthorizationCache-ControlConnectionContent-DispositionContent-EncodingContent-LanguageContent-LengthContent-LocationContent-RangeContent-TypeCookieCookie2DateDNTETagExpectExpiresForwardedFromHeadersHostIf-MatchIf-Modified-SinceIf-None-MatchIf-RangeIf-Unmodified-SinceKeep-AliveLarge-AllocationLast-ModifiedLocationOriginPragmaProxy-AuthenticateProxy-AuthorizationPublic-Key-PinsPublic-Key-Pins-Report-OnlyRangeRefererReferrer-PolicyRetry-AfterServerSet-CookieSet-Cookie2SourceMapStrict-Transport-SecurityTETkTrailerTransfer-EncodingUpgrade-Insecure-RequestsUser-AgentUser-Agent: FirefoxVaryViaWarningWWW-AuthenticateX-Content-Type-OptionsX-DNS-Prefetch-ControlX-Forwarded-ForX-Forwarded-HostX-Forwarded-ProtoX-Frame-OptionsX-XSS-ProtectionMethodsCONNECTDELETEGETHEADMethodsOPTIONSPATCHPOSTPUTStatus100 Continue101 Switching Protocols200 OK201 Created202 Accepted203 Non-Authoritative Information204 No Content205 Reset Content206 Partial Content300 Multiple Choices301 Moved Permanently302 Found303 See Other304 Not Modified307 Temporary Redirect308 Permanent Redirect400 Bad Request401 Unauthorized403 Forbidden404 Not Found405 Method Not Allowed406 Not Acceptable407 Proxy Authentication Required408 Request Timeout409 Conflict410 Gone411 Length Required412 Precondition Failed413 Payload Too Large414 URI Too Long415 Unsupported Media Type416 Range Not Satisfiable417 Expectation Failed426 Upgrade Required428 Precondition Required429 Too Many Requests431 Request Header Fields Too Large451 Unavailable For Legal Reasons500 Internal Server Error501 Not Implemented502 Bad Gateway503 Service Unavailable504 Gateway Timeout505 HTTP Version Not Supported511 Network Authentication RequiredStatus
文字

Forwarded首标包含来自被改变或丢失时代理参与请求的路径代理服务器的面向客户端的信息。

此标头的替代方案和事实上的标准版本是X-Forwarded-ForX-Forwarded-HostX-Forwarded-Proto的 header 。

此标题用于调试,统计和生成依赖于位置的内容,并且通过设计它可以显示隐私敏感信息,例如客户端的 IP 地址。因此,在部署此标头时必须牢记用户的隐私。

Header type

Request header

Forbidden header name

no

语法

Forwarded: by=<identifier>; for=<identifier>; host=<host>; proto=<http|https>

指令

<identifier> 一个标识符,用于公开在使用代理时被更改或丢失的信息。这可以是:

  • 一个 IP 地址( v4 或 v6 ,可选地带有一个端口,以及用方括号括起来的 ipv6 ),

  • 混淆的标识符(如“_hidden”或“_secret”),

  • 或者当前面的实体不知道时“未知”(并且您仍然想要表明转发了该请求)。

by = <identifier> 请求进入代理的接口 server.for = <identifier>启动请求的客户端和代理链中的后续代理。host = <host> Host请求头部字段由 proxy.proto = <HTTP | HTTPS>

指示用于发出请求的协议(通常为“http”或“https”)。

例子

使用Forwarded标题

Forwarded: for="_mdn" # case insensitive
Forwarded: For="[2001:db8:cafe::17]:4711"# separated by semicolon
Forwarded: for=192.0.2.60; proto=http; by=203.0.113.43# multiple values can be appended using a comma
Forwarded: for=192.0.2.43, for=198.51.100.17

X-Forwarded-For过渡到Forwarded

如果您的应用程序,服务器或代理支持标准化Forwarded标题,则X-Forwarded-For可以替换标题。请注意,IPv6 地址被引用并放在Forwarded中的方括号中。

X-Forwarded-For: 123.34.567.89Forwarded: for=123.34.567.89X-Forwarded-For: 192.0.2.43, 2001:db8:cafe::17Forwarded: for=192.0.2.43, for="[2001:db8:cafe::17]"

规范

Specification

Title

RFC 7239, section 4: Forwarded

Forwarded HTTP Extension

上一篇:下一篇: