ForwardedHeaders middleware logging logs Warning for normal behavior.

[rkargMsft]

Why was this changed from debug? Without MICROSOFT_ASPNETCORE_HTTPOVERRIDES_IGNORE_UNKNOWN_PROXIES_WITHOUT_FOR my logs are getting spammed.

Originally posted by @ilike2burnthing in #62687 (comment)

Having untrusted proxies in the forwarded header chain is a valid scenario. Having Warning logs for this valid use case is noisy and confusing for users.

[MihuBot]

I'm a bot. Here is a possible related and/or duplicate issue (I may be wrong):

• UseForwardedHeaders should raise more prominent errors for unknown proxies #58461

[rkargMsft]

I'm a bot. Here is a possible related and/or duplicate issue (I may be wrong):

• UseForwardedHeaders should raise more prominent errors for unknown proxies #58461

Thanks for searching for that 🤖 It is indeed related, but it appears to be specifically looking to make the Development debugging experience better.
Having untrusted proxies in the forwarded headers chain is a normal thing and happens in perfectly well functioning use cases. The quoted comment above is noting that the log level was changed in the PR to add an AppContext Switch so now we have two options:

• Revert temporarily to the older, insecure Forwarded header handling to avoid the Warning log lines until that Switch is eventually removed, and then?
• Keep the Switch off, but get Warning log lines for valid scenarios (untrusted proxies exist and are properly handled by the Middleware) where the Middleware is doing exactly what it's expected to do.