Skip to content
This repository has been archived by the owner on Apr 21, 2023. It is now read-only.

duplicate-headers: prevent some headers from being copied over #321

Merged
merged 1 commit into from
May 2, 2013

Conversation

oschaaf
Copy link
Member

@oschaaf oschaaf commented May 2, 2013

Amongst other headers, don't copy the "Connection" response-header
when we receive it from psol.

Combined with our config trick[1] to prevent add_header from setting
any other headers should fix
#314 (yet to be confirmed)

[1] location ~ ".pagespeed.([a-z].)?[a-z]{2}.[^.]{10}.[^.]+" {
add_header "" "";
}

Amongst other headers, don't copy the "Connection" response-header
when we receive it from psol.

Combined with our config trick[1] to prevent add_header from setting
any other headers should fix

[1] location ~ ".pagespeed.([a-z].)?[a-z]{2}.[^.]{10}.[^.]+" {
add_header "" "";
}
@jeffkaufman
Copy link
Contributor

I wonder whether we should just us a whitelist instead. What are the headers we do want to copy?

@oschaaf
Copy link
Member Author

oschaaf commented May 2, 2013

@jeffkaufman "I wonder whether we should just us a whitelist instead. What are the headers we do want to copy?"

The reason I went with blacklisting here, is that we may receive custom headers from our upstream, that it sends out to communicate with something in our downstream. As we don't know what these headers could be, it is hard to whitelist them.

Considering that, what do you think?

@jeffkaufman
Copy link
Contributor

Ok; blacklist LGTM.

jeffkaufman added a commit that referenced this pull request May 2, 2013
duplicate-headers: prevent some headers from being copied over
@jeffkaufman jeffkaufman merged commit 458fe68 into master May 2, 2013
@jeffkaufman jeffkaufman deleted the oschaaf-duplicate-headers branch May 2, 2013 19:49
@jeffkaufman
Copy link
Contributor

Released in 1.5.27.3

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants