|author||Vadim Shtayura <email@example.com>||Wed May 22 00:57:59 2019|
|committer||Commit Bot <firstname.lastname@example.org>||Wed May 22 00:57:59 2019|
[auth] Make a process of deriving end-user IP configurable. On GAE we always use req.RemoteAddr as end-user IP (e.g. to use in IP whitelists). This is no longer correct in k8s or any other environment with HTTP-level proxies or load balancers: req.RemoteAddr will be the address or a proxy, not end user. Most proxies convey end-user address through X-Forwarded-For header. But its exact format depends on the hosting environment (e.g. number of proxy layers in front of the server). It is now responsibility of a code that hosts auth subsystem to supply correct implementation of the end-user IP extraction. Remail@example.com, firstname.lastname@example.org, email@example.com BUG=959427 Change-Id: I89646a0a0544b0a30e5553da80f0ac0d35967269 Reviewed-on: https://chromium-review.googlesource.com/c/infra/luci/luci-go/+/1623156 Reviewed-by: Jao-ke Chin-Lee <firstname.lastname@example.org> Commit-Queue: Vadim Shtayura <email@example.com>
fetch infra cd infra/go eval `./env.py` cd src/go.chromium.org/luci
Contributing uses the same flow as Chromium contributions.