Icon of X-Forwarded-For Spoofer

X-Forwarded-For Spoofer 10.0.2 Requires Restart


Some clients add X-Forwarded-For to HTTP requests in an attempt to help servers identify the originating IP address of a request. Some clients, however, can set X-Forwarded-For to any arbitrary value. Some servers assume X-Forwarded-For is unassailable. No server should.\n\nWith this add-on, you can assign an arbitrary IP address to the X-Forwarded-For field, attempt to perform XSS by including HTML in this field, or even attempt SQL injection.

This add-on has been marked as experimental by its developers