Launch Announcement - New ALB enhancements provide options to specify how to process Host header and X-Forwarded-For header
4
We are happy to announce that we just launched two enhancements to define how the Application Load Balancer (ALB) will process Host header and X-Forwarded-For header. These options provide additional flexibility in handling HTTP/HTTPS requests and allow customers to migrate their workloads to ALB.
Background:
AWS customers had asked for flexibility in specifying how ALB would handle Host and X-Forwarded-For headers in HTTP/HTTPS Requests. The enhancements are as follows:
Host Header Enhancement:
Currently, ALB modifies Host header in the incoming HTTP/HTTPS Request, and appends listener port before sending it to targets. For example, the Host: www.amazon.com header in the HTTP Request is modified to Host: www.amazon.com:8443 before ALB sends it to targets. This will remain the default behavior for backward compatibility.
With this enhancement, when enabled using a new attribute, ALB will send the Host header without any modification to the target. For example, the Host: www.amazon.com header in the HTTP Request will not be modified and sent to target as is.
X-Forwarded-For Header Enhancement:
Currently, ALB appends IP address of the previous hop to the X-Forwarded-For header before forwarding it to targets. This will remain the default behavior for backward compatibility.
With this enhancement, customers can now specify whether the ALB should preserve or delete the X-Forwarded-For header before sending it to the targets.
Launch Details:
Both enhancements do not change the default behavior and existing ALBs are not affected.
The enhancements are available using API and AWS Console.
The enhancements are available in all commercial, GovCloud, and China regions. These will be deployed in ADC regions at a later date based on demand.