werkzeug.middleware.proxy

class documentation

class ProxyFix:

Adjust the WSGI environ based on X-Forwarded- that proxies in front of the application may set.

X-Forwarded-For sets REMOTE_ADDR.
X-Forwarded-Proto sets wsgi.url_scheme.
X-Forwarded-Host sets HTTP_HOST, SERVER_NAME, and SERVER_PORT.
X-Forwarded-Port sets HTTP_HOST and SERVER_PORT.
X-Forwarded-Prefix sets SCRIPT_NAME.

You must tell the middleware how many proxies set each header so it knows what values to trust. It is a security issue to trust values that came from the client rather than a proxy.

The original values of the headers are stored in the WSGI environ as werkzeug.proxy_fix.orig, a dict.

from werkzeug.middleware.proxy_fix import ProxyFix
# App is behind one proxy that sets the -For and -Host headers.
app = ProxyFix(app, x_for=1, x_host=1)

Changed in version 1.0: Deprecated code has been removed:

The num_proxies argument and attribute.
The get_remote_addr method.
The environ keys orig_remote_addr, orig_wsgi_url_scheme, and orig_http_host.

Changed in version 0.15: All headers support multiple values. The num_proxies argument is deprecated. Each header is configured with a separate number of trusted proxies.

Changed in version 0.15: Original WSGI environ values are stored in the werkzeug.proxy_fix.orig dict. orig_remote_addr, orig_wsgi_url_scheme, and orig_http_host are deprecated and will be removed in 1.0.

Changed in version 0.15: Support X-Forwarded-Port and X-Forwarded-Prefix.

Changed in version 0.15: X-Forwarded-Host and X-Forwarded-Port modify SERVER_NAME and SERVER_PORT.

Parameters
app	The WSGI application to wrap.
x_for	Number of values to trust for `X-Forwarded-For`.
x_proto	Number of values to trust for `X-Forwarded-Proto`.
x_host	Number of values to trust for `X-Forwarded-Host`.
x_port	Number of values to trust for `X-Forwarded-Port`.
x_prefix	Number of values to trust for `X-Forwarded-Prefix`.

Method	`__call__`	Modify the WSGI environ based on the various `Forwarded` headers before calling the wrapped application. Store the original environ values in `werkzeug.proxy_fix.orig_{key}`.
Method	`__init__`	Undocumented
Instance Variable	`app`	Undocumented
Instance Variable	`x_for`	Undocumented
Instance Variable	`x_host`	Undocumented
Instance Variable	`x_port`	Undocumented
Instance Variable	`x_prefix`	Undocumented
Instance Variable	`x_proto`	Undocumented
Method	`_get_real_value`	Get the real value from a list header based on the configured number of trusted proxies.

def __call__(self, environ, start_response):

Modify the WSGI environ based on the various Forwarded headers before calling the wrapped application. Store the original environ values in werkzeug.proxy_fix.orig_{key}.

Parameters
environ:`WSGIEnvironment`	Undocumented
start_response:`StartResponse`	Undocumented
Returns
`t.Iterable[bytes]`	Undocumented

def __init__(self, app, x_for=1, x_proto=1, x_host=0, x_port=0, x_prefix=0):

Undocumented

Parameters
app:`WSGIApplication`	Undocumented
x_for:`int`	Undocumented
x_proto:`int`	Undocumented
x_host:`int`	Undocumented
x_port:`int`	Undocumented
x_prefix:`int`	Undocumented

app =

Undocumented

x_for =

Undocumented

x_host =

Undocumented

x_port =

Undocumented

x_prefix =

Undocumented

x_proto =

Undocumented

def _get_real_value(self, trusted, value):

Get the real value from a list header based on the configured number of trusted proxies.

Changed in version 1.0: Renamed from _get_trusted_comma.

New in version 0.15.

Parameters
trusted:`int`	Number of values to trust in the header.
value:`t.Optional[str]`	Comma separated list header value to parse.
Returns
`t.Optional[str]`	The real value, or `None` if there are fewer values than the number of trusted proxies.

werkzeug.middleware.proxy_fix.ProxyFix

`werkzeug.middleware.proxy_fix.ProxyFix`