homelab/traefik
1
0
Fork 0
Code Activity

Allow X-Forwarded-For delete operation

Browse source 
Co-authored-by: landrybe <lbenguigui@gmail.com>
This commit is contained in:
Romain 2023-09-22 11:00:07 +02:00 committed by GitHub
parent dbc679dc30
commit 4d63eb30f9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 82 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
pkg/middlewares/headers/header.go
View file

@ -10,6 +10,7 @@ import (
"github.com/traefik/traefik/v2/pkg/config/dynamic"
"github.com/traefik/traefik/v2/pkg/log"
"github.com/vulcand/oxy/v2/forward"
)
// Header is a middleware that helps setup a few basic security features.
@ -70,6 +71,10 @@ func (s *Header) modifyCustomRequestHeaders(req *http.Request) {
// Loop through Custom request headers
for header, value := range s.headers.CustomRequestHeaders {
switch {
// Handling https://github.com/golang/go/commit/ecdbffd4ec68b509998792f120868fec319de59b.
case value == "" && header == forward.XForwardedFor:
req.Header[header] = nil
case value == "":
req.Header.Del(header)

5
pkg/middlewares/headers/header_test.go
View file

@ -29,11 +29,14 @@ func TestNewHeader_customRequestHeader(t *testing.T) {
desc: "delete a header",
cfg: dynamic.Headers{
CustomRequestHeaders: map[string]string{
"X-Forwarded-For": "",
"X-Custom-Request-Header": "",
"Foo": "",
},
},
expected: http.Header{},
expected: http.Header{
"X-Forwarded-For": nil,
},
},
{
desc: "override a header",