From 833b0c25c78f0edfd11741b73e8924f5dc553be3 Mon Sep 17 00:00:00 2001
From: Brennan
Date: Fri, 11 Jul 2025 15:21:16 -0700
Subject: [PATCH 1/2] Add AppContext switch in patch release to opt-out of breaking behavior change in ForwardedHeaders middleware
---
 .../src/ForwardedHeadersMiddleware.cs | 28 +++++++++++++++----
 1 file changed, 23 insertions(+), 5 deletions(-)
diff --git a/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs b/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs
index 88317c455109..be254a879e3d 100644
--- a/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs
+++ b/src/Middleware/HttpOverrides/src/ForwardedHeadersMiddleware.cs
@@ -24,6 +24,7 @@ public class ForwardedHeadersMiddleware
 private readonly ForwardedHeadersOptions _options;
 private readonly RequestDelegate _next;
 private readonly ILogger _logger;
+ private readonly bool _ignoreUnknownProxiesWithoutFor;
 private bool _allowAllHosts;
 private IList _allowedHosts;
@@ -90,6 +91,18 @@ public ForwardedHeadersMiddleware(RequestDelegate next, ILoggerFactory loggerFac
 _logger = loggerFactory.CreateLogger();
 _next = next;
+ if (AppContext.TryGetSwitch("Microsoft.AspNetCore.HttpOverrides.IgnoreUnknownProxiesWithoutFor", out var enabled)
+ && enabled)
+ {
+ _ignoreUnknownProxiesWithoutFor = true;
+ }
+
+ if (Environment.GetEnvironmentVariable("MICROSOFT_ASPNETCORE_HTTPOVERRIDES_IGNORE_UNKNOWN_PROXIES_WITHOUT_FOR") is string env
+ && (env.Equals("true", StringComparison.OrdinalIgnoreCase) || env.Equals("1")))
+ {
+ _ignoreUnknownProxiesWithoutFor = true;
+ }
+
 PreProcessHosts();
 }
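Review bot: Nothing in the constructor hunk records that the opt-out is active, so a deployment that has relaxed the KnownProxies/KnownNetworks check through `Microsoft.AspNetCore.HttpOverrides.IgnoreUnknownProxiesWithoutFor` or the environment variable looks the same in its logs as one that has not. Because the flag changes which senders' forwarded headers are trusted, I would log it once after both checks, e.g. `if (_ignoreUnknownProxiesWithoutFor) { _logger.LogWarning("Unknown-proxy check is skipped when XForwardedFor is not enabled."); }`. The two checks are also OR-ed, so an AppContext switch explicitly set to false does not override an environment variable set to `true` or `1`; a one-line comment stating that precedence would help whoever has to audit a host's configuration. The constructor begins outside the hunk.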
@@ -228,12 +241,17 @@ public void ApplyForwarders(HttpContext context)
 {
 var set = sets[entriesConsumed];
- // For the first instance, allow remoteIp to be null for servers that don't support it natively.
- if (currentValues.RemoteIpAndPort != null && checkKnownIps && !CheckKnownAddress(currentValues.RemoteIpAndPort.Address))
+ // Opt-out of breaking change behavior where we now always check KnownProxies and KnownNetworks
+ // It used to be guarded by the ForwardedHeaders.XForwardedFor flag, but now we always check it.
+ if (!_ignoreUnknownProxiesWithoutFor || checkFor)
 {
- // Stop at the first unknown remote IP, but still apply changes processed so far.
- _logger.LogDebug(1, $"Unknown proxy: {currentValues.RemoteIpAndPort}");
- break;
+ // For the first instance, allow remoteIp to be null for servers that don't support it natively.
+ if (currentValues.RemoteIpAndPort != null && checkKnownIps && !CheckKnownAddress(currentValues.RemoteIpAndPort.Address))
+ {
+ // Stop at the first unknown remote IP, but still apply changes processed so far.
+ _logger.LogWarning(1, $"Unknown proxy: {currentValues.RemoteIpAndPort}");
+ break;
+ }
 }
 if (checkFor)
From dd8e5b539a7d366a3723cafe49c524dfbf1914fa Mon Sep 17 00:00:00 2001
From: Brennan
Date: Fri, 11 Jul 2025 15:43:03 -0700
Subject: [PATCH 2/2] config
---
 eng/PatchConfig.props | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/eng/PatchConfig.props b/eng/PatchConfig.props
index 0c425d6323a0..a84077104272 100644
--- a/eng/PatchConfig.props
+++ b/eng/PatchConfig.props
@@ -37,4 +37,9 @@ Later on, this will be checked using this condition:
 Microsoft.Net.Http.Headers;
+
+
+ Microsoft.AspNetCore.HttpOverrides;
+
+
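Review bot: In the ApplyForwarders hunk of ForwardedHeadersMiddleware.cs, the new comment above `if (!_ignoreUnknownProxiesWithoutFor || checkFor)` does not say what the opt-out gives up. With the switch set and `checkFor` false, `CheckKnownAddress` is never reached, so whatever header handling follows in the loop (outside this hunk, presumably the other forwarded headers) would run for a sender that is not in KnownProxies or KnownNetworks. I would state that directly, e.g. `// Compat opt-out: when set and XForwardedFor is not enabled, the KnownProxies/KnownNetworks check is skipped and forwarded values are accepted from any sender.` Separately, the `LogWarning` call still interpolates into the message; `_logger.LogWarning(1, "Unknown proxy: {RemoteIpAndPort}", currentValues.RemoteIpAndPort);` keeps the address as a structured field, which matters more now that the event is raised to warning level. The method body starts and ends outside the hunk.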