Skip to content

Commit

Permalink
docs: fix configuration option for trusting forwarded IPs (encode#2479)
Browse files Browse the repository at this point in the history
  • Loading branch information
gunter1020 authored and Raphaël Moreau committed Nov 5, 2024
1 parent 03d7004 commit 23c6b7d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion docs/deployment.md
Original file line number Diff line number Diff line change
Expand Up @@ -376,7 +376,7 @@ Uvicorn can use these headers to correctly set the client and protocol in the re
However as anyone can set these headers you must configure which "clients" you will trust to have set them correctly.

Uvicorn can be configured to trust IP Addresses (e.g. `127.0.0.1`), IP Networks (e.g. `10.100.0.0/16`),
or Literals (e.g. `/path/to/socket.sock`). When running from CLI these are configured using `--forwarded-trust-ips`.
or Literals (e.g. `/path/to/socket.sock`). When running from CLI these are configured using `--forwarded-allow-ips`.

!!! Warning "Only trust clients you can actually trust!"
Incorrectly trusting other clients can lead to malicious actors spoofing their apparent client address to your application.
Expand Down

0 comments on commit 23c6b7d

Please sign in to comment.