You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* Fix: http.client_ip vs multiple addresses #2282
* Split only the necessary number of values.
As suggested by @pellared. Good suggestion, that.
Co-authored-by: Robert Pająk <pellared@hotmail.com>
Co-authored-by: Robert Pająk <pellared@hotmail.com>
Co-authored-by: Tyler Yahn <MrAlias@users.noreply.github.com>
Description
Spec check: should http.client_ip contain multiple addresses?
Environment
Steps To Reproduce
curl -H 'X-Forwarded-For: 203.0.113.195, 70.41.3.18, 150.172.238.178' :8090
http.client_ip
trace span attribute value contains multiple addresses:"203.0.113.195, 70.41.3.18, 150.172.238.178"
The code might look like it's choosing the first value, but it's instead pulling the first matching header:
opentelemetry-go/semconv/v1.4.0/http.go
Lines 227 to 229 in cdf67dd
HTTPServerAttributesFromHTTPRequest
returns all values from the first occurrence of the header:Expected behavior
I expect
http.client_ip
to return only the first entry from theX-Forwarded-For
header.The HTTP Server Semantic Conventions describe
http.client_ip
as containing:That sounds singular to me, as does the linked MDN document:
Strikes me we SHOULD take the left-most address only. What do you reckon?
The text was updated successfully, but these errors were encountered: