Test program to reproduce an issue with the way X-Forwarded-For is handled by ForwardedHeadersMiddleware

ForwardedHeadersTest.csproj

<Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
    <TargetFramework>netcoreapp2.2</TargetFramework>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.All" />
  </ItemGroup>

</Project>

Program.cs

using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.Extensions.DependencyInjection;

namespace ForwardedHeadersTest
{
    public class Program
    {
        public static void Main(string[] args)
        {
            CreateWebHostBuilder(args).Build().Run();
        }

        public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
            WebHost.CreateDefaultBuilder(args)
                   .UseStartup<Startup>();
    }

    public class Startup
    {
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            app.UseForwardedHeaders(new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.All });

            app.Run(
                async context =>
                {
                    var header = context.Request.Headers["X-Forwarded-For"];
                    string joinedHeader = header.Any() ? string.Join("\r\n", header) : "";
                    await context.Response.WriteAsync(
                        $"X-Forwarded-For:\r\n{joinedHeader}\r\nRemote IP: {context.Connection.RemoteIpAddress}"
                    );
                }
            );
        }
    }
}