Action Name | Description | Default |
|---|---|---|
(default) Request header allow list | All headers not explicitly contained in the allow list of well-known headers are removed. | enabled |
(default) Request header deny list | Some headers known to be problematic are removed. | enabled |
(default) Translate Host header | The value in the incoming host header is replaced by the back-end host. Rewriting the host header may be necessary if the application server needs the back-end hostname in the header instead of the external name (e.g. for name-based virtual hosts in the back-end). | enabled |
(default) Translate Referer header | The incoming referer header is rewritten to match the back-end protocol/host/URL. Rewriting the referer may be necessary if the application interprets the referer field but is not reverse-proxy compatible. | enabled |
(default) Translate Origin header | The incoming origin header is rewritten to match the back-end protocol/host/URL. Rewriting the origin may be necessary if the application interprets the origin field but is not reverse-proxy compatible. | enabled |
(default) Add X-Forwarded-For header | Adds an X-Forwarded-For header to preserve the original client IP for back-ends. | enabled |
(default) Add X-Forwarded-Proto header | Adds an X-Forwarded-Proto header to preserve the original protocol for back-ends. | enabled |