From d0546bf484a755e31b30b317764c45e0a0f69635 Mon Sep 17 00:00:00 2001 From: CroBurnt Date: Mon, 6 Nov 2023 07:04:30 -0300 Subject: [PATCH] Update http.adoc --- docs/modules/ROOT/pages/features/exploits/http.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/modules/ROOT/pages/features/exploits/http.adoc b/docs/modules/ROOT/pages/features/exploits/http.adoc index 6f20b7f56b..127d0a6016 100644 --- a/docs/modules/ROOT/pages/features/exploits/http.adoc +++ b/docs/modules/ROOT/pages/features/exploits/http.adoc @@ -20,8 +20,8 @@ Spring Security provides support for xref:features/exploits/headers.adoc#headers == Proxy Server Configuration When using a proxy server, it is important to ensure that you have configured your application properly. -For example, many applications have a load balancer that responds to request for https://example.com/ by forwarding the request to an application server at https://192.168.1:8080 -Without proper configuration, the application server can not know that the load balancer exists and treats the request as though https://192.168.1:8080 was requested by the client. +For example, many applications have a load balancer that responds to request for `\https://example.com/` by forwarding the request to an application server at `\https://192.168.0.107` +Without proper configuration, the application server can not know that the load balancer exists and treats the request as though `\https://192.168.0.107:8080` was requested by the client. To fix this, you can use https://tools.ietf.org/html/rfc7239[RFC 7239] to specify that a load balancer is being used. To make the application aware of this, you need to configure your application server to be aware of the X-Forwarded headers.