Remote Address Header IP disclosure
Information
| Summary: |
Why is the public/private IP present as the value of the Remote Address header? |
| Environment: |
Product: LoadMaster Version: Any Platform: Any Application: Any |
| Question/Problem Description: |
Why is the IP present when observing the Remote Address header in Developer Tools on Chrome and Edge, or the Host header in Firefox and can it be masked? |
| Steps to Reproduce: |
Open Developer Tools on your web browser. Browse to a virtual service. |
| Error Message: | |
| Defect Number: | |
| Enhancement Number: | |
| Cause: |
This IP is obtained when browsing to the target IP itself or when resolving an FQDN within DNS. |
| Resolution: | This is as designed by web browsers and not something that can be changed. |
| Workaround: | |
| Notes: |