
What is X-Forwarded-For and when can you trust it? (2024)


The X-Forwarded-For (XFF) HTTP header provides crucial insight into the origin of web requests. The header works as a mechanism for conveying the original...

If your code assumes valid data in a specific format, it can easily crash, typically resulting in a 500 Internal Server Error for the client and potentially other side effects server-side, and opening the door to all sorts of DDoS attacks. Really, the only true downside here is the existing much wider use of and support for X-Forwarded-For, but there are solid reasons to aim to use Forwarded where possible, and to plan to migrate tooling in that direction in the future. Use these powers wisely, and remember that this depends on close integration between backend and deployment infrastructure development, so don't sneak them into changes without talking to the rest of your team first!
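A defensive way to read the header, as an added example that is not code from the original article: it never raises on malformed input and only reads the entries written by your own proxies. The names `client_ip`, `trusted_proxies` and `MAX_HEADER_LEN` are hypothetical, and it assumes each proxy you operate appends the address it received the connection from; the proxy count is the deployment detail the backend has to agree on with the infrastructure team.

```python
import ipaddress

MAX_HEADER_LEN = 1024  # assumed cap; bounds the work done on hostile input


def client_ip(xff_value, peer_ip, trusted_proxies):
    """Return the client address as a string, never raising on bad input.

    xff_value       raw X-Forwarded-For value, or None if the header is absent
    peer_ip         address of the TCP peer (nearest proxy, or the client)
    trusted_proxies number of proxies we operate in front of this app
                    (assumption: each one appends the address it saw)
    """
    if trusted_proxies <= 0:
        return peer_ip  # nothing in front of us is trusted: ignore the header
    if not isinstance(xff_value, str) or len(xff_value) > MAX_HEADER_LEN:
        return peer_ip
    entries = [e.strip() for e in xff_value.split(",")]
    if len(entries) < trusted_proxies:
        return peer_ip  # fewer entries than proxies: not the deployed topology
    # Only the last `trusted_proxies` entries were written by our own proxies.
    # Everything to their left was supplied by the client and is never read.
    suffix = entries[-trusted_proxies:]
    try:
        parsed = [ipaddress.ip_address(e) for e in suffix]
    except ValueError:
        return peer_ip  # malformed entry: fall back instead of returning a 500
    return str(parsed[0])


if __name__ == "__main__":
    # Constructed sample requests: (header value, TCP peer, trusted proxy count)
    samples = [
        ("198.51.100.9, 203.0.113.7", "10.0.0.5", 1),   # spoofed left entry
        ("<script>, 203.0.113.7, 10.0.0.4", "10.0.0.5", 2),
        ("203.0.113.7, garbage", "10.0.0.5", 1),         # broken trusted entry
        (None, "10.0.0.5", 1),                           # header missing
    ]
    for header, peer, count in samples:
        print(repr(header), "->", client_ip(header, peer, count))
```

Entries that carry a port or bracketed IPv6 address are treated as malformed here and fall back to the peer address.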
