Document wildcard support for trusted_proxy

Pylons · Feb 4, 2024 · e0123ee · e0123ee
1 parent 5934be0
commit e0123ee
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/docs/arguments.rst b/docs/arguments.rst
@@ -95,6 +95,15 @@ trusted_proxy
 
     For unix sockets, set this value to ``localhost`` instead of an IP address.
 
+    The value ``*`` (wildcard) may be used to signify that all remote peers are
+    to be trusted.
+
+    .. warning::
+       Using the wildcard is a security issue if Waitress is receiving
+       connections from untrusted locations as well as trusted locations. Make
+       sure that waitress is adequately deployed behind an additional layer of
+       security, such as a firewall only allowing traffic from known proxies.
+
     Default: ``None``
 
 trusted_proxy_count