• Login
    • Search
    • Categories
    • Recent
    • Tags
    • Users
    • Groups
    • Rules
    • Help

    Do more on the web, with a fast and secure browser!

    Download Opera browser with:

    • built-in ad blocker
    • battery saver
    • free VPN
    Download Opera

    Conflicting headers

    Opera Mini
    3
    5
    2633
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • barbudreadmon
      barbudreadmon last edited by

      I noticed that, when using opera mini to access a website, both "X-Forwarded-For" and "Forwarded" are sent, i assume you use a proxy to speedup websites, but to my knowledge, if a proxy natively uses the X-Forwarded-For header, it should not allow clients to send Forwarded headers (see http://symfony.com/doc/2.8/components/http_foundation/trusting_proxies.html).

      Any application using Symfony framework (which means a lot) won't allow it, except if you ignore those headers (which seems bad). Is this behavior something you wanted (in which case, why ?), or some proxy misconfiguration ?

      Reply Quote 0
        1 Reply Last reply
      • mbaluta
        mbaluta last edited by

        X-Forwarded-For and Forwarded headers serves the same purpose: to inform web server about IP of the original client. We add both of those headers on Opera Mini servers: Forwarded is a standard-compliant way, but it's new and a lot of sites may not use it yet so we add X-Forwarder-For as well, which was commonly used for many years.

        Symfony framework will not trust those headers by default, what means that if you are a web developer and you call getClientIp() method, it will return IP of Opera Mini server, not your real IP given in X-Forwarded-For or Forwarded header. But the page should load. The same would apply for all other proxies.

        Reply Quote 0
          1 Reply Last reply
        • barbudreadmon
          barbudreadmon last edited by

          My websites, which are symfony 2.8 based, will throw me a Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException , which result in a 400 (bad request) response

          Reply Quote 0
            1 Reply Last reply
          • barbudreadmon
            barbudreadmon last edited by

            the exception will be thrown with those headers :
            Forwarded: for="10.10.10.10:13002"
            X-Forwarded-For: 10.10.10.10, 141.0.14.114

            Reply Quote 0
              1 Reply Last reply
            • Deleted User
              Deleted User last edited by

              The actual problem is that the two headers are added with varying information:

              // Forwarded
              Array
              (
                  [0] => 46.127.15.xxx
              )
              
              // X-Forwarded-For
              Array
              (
                  [0] => 82.145.219.118
                  [1] => 82.145.219.118
                  [2] => 46.127.15.xxx
              )
              

              The Forwarded header is missing the IP chain, therefore Symfony throws the exception.

              Reply Quote 0
                1 Reply Last reply
              • First post
                Last post

              Computer browsers

              • Opera for Windows
              • Opera for Mac
              • Opera for Linux
              • Opera beta version
              • Opera USB

              Mobile browsers

              • Opera for Android
              • Opera Mini
              • Opera Touch
              • Opera for basic phones

              • Add-ons
              • Opera account
              • Wallpapers
              • Opera Ads

              • Help & support
              • Opera blogs
              • Opera forums
              • Dev.Opera

              • Security
              • Privacy
              • Cookies Policy
              • EULA
              • Terms of Service

              • About Opera
              • Press info
              • Jobs
              • Investors
              • Become a partner
              • Contact us

              Follow Opera

              • Opera - Facebook
              • Opera - Twitter
              • Opera - YouTube
              • Opera - LinkedIn
              • Opera - Instagram

              © Opera Software 1995-2025