I tried to use standard recommendation for work with AWS Load Balancer:
var options = new HealthCheckOptions();
options.ResponseWriter = async (c, r) => {
c.Response.ContentType = "application/json";
var result = JsonConvert.SerializeObject(new
{
status = r.Status.ToString(),
errors = r.Entries.Select(e => new { key = e.Key, value = e.Value.Status.ToString() })
});
await c.Response.WriteAsync(result);
};
app.UseHealthChecks("/", 80, options);
var fordwardedHeaderOptions = new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
};
//for debug
fordwardedHeaderOptions.KnownNetworks.Clear();
fordwardedHeaderOptions.KnownProxies.Clear();
//fordwardedHeaderOptions.ForwardLimit = 2;
//fordwardedHeaderOptions.KnownProxies.Add(IPAddress.Parse("****"));
//fordwardedHeaderOptions.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("*****"), 24));
app.UseForwardedHeaders(fordwardedHeaderOptions);
But it don't work for me. For debugging purposes, I also tried an option that, although it was not entirely correct from the point of view of security, should have redirected all the headers to the application:
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.All
});
const string XForwardedPathBase = "X-Forwarded-PathBase";
const string XForwardedProto = "X-Forwarded-Proto";
app.Use((context, next) =>
{
if (context.Request.Headers.TryGetValue(XForwardedPathBase, out StringValues pathBase))
{
context.Request.PathBase = new PathString(pathBase);
}
if (context.Request.Headers.TryGetValue(XForwardedProto, out StringValues proto))
{
context.Request.Protocol = proto;
}
return next();
});