Comment by whalesalad

1 day ago

I did. It's essentially just a single .py file: https://gist.github.com/whalesalad/06804fd734efe6bd2e0c84906...

8 comments

whalesalad

Reply
alright2565  1 day ago 

    x_forwarded_for = headers.get("X-Forwarded-For")
    if x_forwarded_for is None:
        x_forwarded_for = ipaddress.IPv4Address._string_from_ip_int(
            randint(0, MAX_IPV4)
        )

lol

  • marcusb  1 day ago

    The original author claims this is to prevent API gateway from leaking the true client IP.

    • timewizard  1 day ago

      To be fair the code actually creates a new API gateway server that acts as a proxy on to an already existing server and you're possibly meant to use this header with your own gateway service.

      So, it's set as a header, sent to a user owned proxy, then to the actual external endpoint.

      On the other hand I think the receiving API Gateway will be able to see and log your AWS account identifier when you do this. So your IP may not be the only identifying information that needs to be obscured for this to actually work.

      5 replies →