vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-28 02:12:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(gateway): require loopback proxy IP for trusted-proxy + bind=loopback (#22082)

Browse Source 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 6ff3ca9b5d
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
This commit is contained in:
Mariano
2026-02-20 18:03:53 +00:00
committed by GitHub
parent 9c5249714d
commit 094dbdaf2b
4 changed files with 67 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/gateway/trusted-proxy-auth.md
View File

@@ -39,8 +39,8 @@ Use `trusted-proxy` auth mode when:
```json5
{
gateway: {
// Must bind to network interface (not loopback)
bind: "lan",
// Use loopback for same-host proxy setups; use lan/custom for remote proxy hosts
bind: "loopback",
// CRITICAL: Only add your proxy's IP(s) here
trustedProxies: ["10.0.0.1", "172.17.0.1"],
@@ -62,6 +62,9 @@ Use `trusted-proxy` auth mode when:
}
```
If `gateway.bind` is `loopback`, include a loopback proxy address in
`gateway.trustedProxies` (`127.0.0.1`, `::1`, or an equivalent loopback CIDR).
### Configuration Reference
| Field | Required | Description |