List of IPs or CIDR ranges allowed to supply X-Forwarded-* headers when reverseProxy is enabled. If not set, OAuth2 Proxy preserves backwards compatibility by trusting all source IPs (0.0.0.0/0, ::/0) and logs a warning at startup. Configure this to your reverse proxy addresses to prevent forwarded header spoofing.
option