Hi, I stumbled over something in conjunction with pound. pound adds an X-Forwarded-For header to each request. However, from inside zope, this additional header might be invisible. I guess the problem occurs, if there already was a X-Forwarded-For header in the request: pound writes a new, second one. And it seems, that the REQUEST has only one of the two headers (so that REQUEST.get('HTTP_X_FORWARDED_FOR') is missing the value pound added). I already sent this to the pound list, and was told that having multiple headers with the same value is allowed, which seems to be correct according to RFC2616 (HTTP 1.1): "Multiple message-header fields with the same field-name MAY be present in a message if and only if the entire field-value for that header field is defined as a comma-separated list [i.e., #(values)]. It MUST be possible to combine the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma. The order in which header fields with the same field-name are received is therefore significant to the interpretation of the combined field value, and thus a proxy MUST NOT change the order of these field values when a message is forwarded." That said, in case of ... X-Forwarded-for: client1, proxy1 ... X-Forwarded-for: proxy2 <-- added by Pound ... zope should create something like this: ... X-Forwarded-for: client1, proxy1, proxy2 ... not only for x-forwareded-for, but for any header around, I guess. I doubt that it would be difficult to fix. Unfortunately, I couldn't find the place where a generic header processing takes place do try myself :-( Cheers, Sascha