From 3c7bb998363707e0f8593e069b0ae911be6f43d2 Mon Sep 17 00:00:00 2001 From: "Paul J. Dorn" Date: Thu, 25 Apr 2024 13:02:18 +0200 Subject: [PATCH] docs: forwarder-headers is list, not mapping --- docs/source/settings.rst | 8 ++------ gunicorn/config.py | 8 ++------ 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/docs/source/settings.rst b/docs/source/settings.rst index 6df7329ba..9d7194df7 100644 --- a/docs/source/settings.rst +++ b/docs/source/settings.rst @@ -1483,17 +1483,13 @@ Use with care and only if necessary. May be removed in a future version. **Default:** ``'SCRIPT_NAME'`` -A list containing headers and values that the front-end proxy +A list containing upper-case header field names that the front-end proxy sets, to be used in WSGI environment. -If other headers listed in this list are not present in the request, they will be ignored. +If headers named in this list are not present in the request, they will be ignored. This option can be used to transfer SCRIPT_NAME and REMOTE_USER. -The list should map upper-case header names to exact string -values. The value comparisons are case-sensitive, unlike the header -names, so make sure they're exactly what your front-end proxy sends. - It is important that your front-end proxy configuration ensures that the headers defined here can not be passed directly from the client. diff --git a/gunicorn/config.py b/gunicorn/config.py index 19cdada95..e353967f2 100644 --- a/gunicorn/config.py +++ b/gunicorn/config.py @@ -2361,17 +2361,13 @@ class ForwarderHeaders(Setting): default = "SCRIPT_NAME" desc = """\ - A list containing headers and values that the front-end proxy + A list containing upper-case header field names that the front-end proxy sets, to be used in WSGI environment. - If other headers listed in this list are not present in the request, they will be ignored. + If headers named in this list are not present in the request, they will be ignored. This option can be used to transfer SCRIPT_NAME and REMOTE_USER. - The list should map upper-case header names to exact string - values. The value comparisons are case-sensitive, unlike the header - names, so make sure they're exactly what your front-end proxy sends. - It is important that your front-end proxy configuration ensures that the headers defined here can not be passed directly from the client. """