Search code examples
asp.netiisurl-rewritingarrkestrel-http-server

asp.net core Parameter count mismatch between X-Forwarded-For and X-Forwarded-Proto

CloudFlare

IIS ARR 

Asp.net core 1.1.1

I'm behind cloudflare and then behind iis arr.

cloudflare is in http only mode

I'm constantly getting

Parameter count mismatch between X-Forwarded-For and X-Forwarded-Proto.

my startup file 

 ForwardedHeadersOptions forwardOption = new ForwardedHeadersOptions
        {
            ForwardedHeaders = Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedFor | Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedProto,
            ForwardLimit = 2
        };
        forwardOption.KnownProxies.Add(IPAddress.Parse("xxxxx"));
        forwardOption.KnownProxies.Add(IPAddress.Parse("xxxxx"));
        forwardOption.KnownProxies.Add(IPAddress.Parse("xxxxxx"));
        forwardOption.KnownProxies.Add(IPAddress.Parse("xxxxxx"));
        app.UseForwardedHeaders(forwardOption);

and i have set this rewrite rule at iis arr level i also have tested https

HTTP_X_FORWARDED_PROTO
http
replace the existing value

enter image description here

what's the problem?

here is a link but no help

Solution

  • I found a solution just add this code on you configureservices

            services.Configure<ForwardedHeadersOptions>(options =>
        {
            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
            options.RequireHeaderSymmetry = false;
            options.ForwardLimit = 2;
            options.KnownProxies.Add(IPAddress.Parse("xxx.xxx.xxx.xxx"));
            options.KnownProxies.Add(IPAddress.Parse("xxx.xxx.xxx.xxx"));
            options.KnownProxies.Add(IPAddress.Parse("xxx.xxx.xxx.xxx"));

        });

    and the on your basecontroller or somewhere else use this code for getting real ip address if you are behind cloudflare and arr

      public string GetRealIpAddress()
    {
        StringValues connectionIp;
        var conncetionIpAvailable = Request.Headers.TryGetValue("Cf-Connecting-Ip", out connectionIp);
        if (conncetionIpAvailable)
        {
            return connectionIp.ToString().Trim();
        }
        else
        {
            var xForwardFor = Request.Headers.GetCommaSeparatedValues("X-Forwarded-For");
            string ipList = "";
            foreach (var x in xForwardFor)
            {
                ipList = ipList.Trim() + " , " + x.Trim();
            }

            if (!string.IsNullOrEmpty(ipList.Trim()))
            {
                return ipList.Trim();
            }
            else
            {
                return "xxx.xxx.xxx.xxx";
            }
        }
    }