
Comment by whalesalad

19 hours ago

I did. It's essentially just a single .py file: https://gist.github.com/whalesalad/06804fd734efe6bd2e0c84906...

    x_forwarded_for = headers.get("X-Forwarded-For")
    if x_forwarded_for is None:
        x_forwarded_for = ipaddress.IPv4Address._string_from_ip_int(
            randint(0, MAX_IPV4)
        )

lol

  • The original author claims this is to prevent API gateway from leaking the true client IP.

    • To be fair, the code actually creates a new API gateway server that acts as a proxy onto an already existing server, and you're possibly meant to use this header with your own gateway service.

      So, it's set as a header, sent to a user-owned proxy, then to the actual external endpoint.

      On the other hand, I think the receiving API Gateway will be able to see and log your AWS account identifier when you do this. So your IP may not be the only identifying information that needs to be obscured for this to actually work.

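An added example, not from the gist or from any commenter in this thread: how a service that receives `X-Forwarded-For` can resolve the client address by believing only the hops appended by its own proxies, so that a client-chosen value such as the random address in the snippet above is recorded as an unverified claim instead of being taken as the source. The trusted network `10.0.0.0/8`, the function names, and every address below are constructed assumptions.

```python
import ipaddress

# Assumption: networks of the reverse proxies this service operates itself.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]


def is_trusted(addr, trusted=TRUSTED_PROXIES):
    """True if addr belongs to one of our own proxy networks."""
    return any(addr in net for net in trusted)


def resolve_client_ip(peer_addr, xff_value, trusted=TRUSTED_PROXIES):
    """Return (client_ip, unverified_claims).

    peer_addr is the TCP peer of the connection. The header is walked from
    right to left: an entry is believed only if the hop that appended it is
    one of our proxies. Everything further left was supplied by a party we
    do not control and is returned separately for logging.
    """
    hops = [h.strip() for h in (xff_value or "").split(",") if h.strip()]
    candidate = ipaddress.ip_address(peer_addr)
    remaining = len(hops)
    while remaining and is_trusted(candidate, trusted):
        try:
            candidate = ipaddress.ip_address(hops[remaining - 1])
        except ValueError:
            break  # malformed entry: keep the last address we could verify
        remaining -= 1
    return str(candidate), hops[:remaining]


if __name__ == "__main__":
    # Constructed requests: (TCP peer, X-Forwarded-For header value)
    samples = [
        ("10.0.0.5", "198.51.100.77, 203.0.113.9"),  # via our proxy
        ("203.0.113.9", "198.51.100.77"),            # direct, header is client-made
        ("10.0.0.5", "not-an-ip"),                   # via our proxy, garbage entry
    ]
    for peer, xff in samples:
        client, claims = resolve_client_ip(peer, xff)
        print(f"peer={peer} xff={xff!r} -> client={client} unverified={claims}")
```

Logging the unverified entries next to the resolved address keeps the left-most value available for investigation without letting it drive rate limiting or access decisions.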