Do not copy hop-by-hop headers to forward auth request

2018-09-24 10:42:03 +02:00 · 2018-09-24 10:42:03 +02:00 · 29473ef356
commit 29473ef356
parent 1f1ecb15f6
2 changed files with 40 additions and 7 deletions
--- a/middlewares/auth/forward.go
+++ b/middlewares/auth/forward.go
@ -105,6 +105,7 @@ func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next

 func writeHeader(req *http.Request, forwardReq *http.Request, trustForwardHeader bool) {
 	utils.CopyHeaders(forwardReq.Header, req.Header)
+	utils.RemoveHeaders(forwardReq.Header, forward.HopHeaders...)

 	if clientIP, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
 		if trustForwardHeader {