Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Ideally we'd set it to our nginx ingress that sets it but we can't easily know the IP from the running API pod (it's a kube-system daemonset). Also, uvicorn only supports direct IP and cannot compute CIDR > https://github.com/encode/uvicorn/blob/fc2130bf1a740acaa502530079bfbd595fa7a94c/uvicorn/middleware/proxy_headers.py#L56 So we are accepting the first value of X-Forwarded-For header. Thankfully, nginx-ingress by default strips it so it cant be spoofed. > https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#use-forwarded-headers
- Loading branch information
