CF Tunnel was working perfectly for a long time, but suddenly ran into an issue where it simply broke after years of it working properly. In the CF Tunnel logs I was getting Error 400, and in HA logs saw this:
Logger: homeassistant.components.http.forwarded
Source: components/http/forwarded.py:125
Integration: HTTP (documentation, issues)
First occurred: March 1, 2024 at 3:41:29 PM (1182 occurrences)
Last logged: 9:21:34 AM
Received X-Forwarded-For header from an untrusted proxy 192.168.1.1
I included 192.168.1.1/32 as a trusted proxy, and still getting an the login error unable to connect to home assistant.
When I use a different browser - Firefox and Edge, I am able to get the login prompt, but after entering 2FA, it fails. The CF Tunnel logs shows the 400 bad request and get a failed login attempt logged in HA.
Just letting you know, I had the same issues you were having (exactly the same with the error and different browser and CL tunnels). After trying all sorts of IP addresses including 0.0.0.0/0 under the trusted proxy, I finally got it to work by actually restarting home assistant, not just reloading the YAML file. I got it to work with just 192.168.1.1 and ::1 under the trusted_proxies and a full restart of HA (probably dont need ::1 but I left it anyways). I know it said to restart HA in the docs but for some reason I though just reloading the yaml files would be enough…clearly not. All working now.
Was trying to access via my tunnel today and I get 400, bad request. Not sure why, other stuff in my tunnel works fine, only HA gives 400. This is the configuration.yaml setting that has worked before:
