We unconditionally respect the X-Forwarded-For header that gets fed into
kraken's machineries. Regardless of whether the client IP is a trusted one,
or it is not a trusted one. This distorts our reports/graphs.
Instead, we should only respect the X-Forwarded-For header for the client IPs
in $wgSquidServersNoPurge in wmf-config/squid.php of operations/mediawiki-config.
Version: unspecified
Severity: normal