Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ModifyResponseHeader rewrites response headers indiscriminately #61

Closed
dtomcej opened this issue Nov 12, 2019 · 0 comments · Fixed by #62
Closed

ModifyResponseHeader rewrites response headers indiscriminately #61

dtomcej opened this issue Nov 12, 2019 · 0 comments · Fixed by #62

Comments

@dtomcej
Copy link
Contributor

dtomcej commented Nov 12, 2019
edited
Loading

The commit 624f918

Avoids an extra redirect by modifying the scheme on the location response header.

However, it does not check that the location referred to in the header is SSLHost.

In effect, it rewrites all location responses to https, even if the proxy implementing unrolled/secure is not handling the domain.

It prevents redirecting to third party http URLs.

The modification should also not rewrite the scheme if there is a port defined in the response header.

Related issue: traefik/traefik#5807

PR Incoming
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add SSLHost logic to ModifyResponseHeaders() dtomcej/secure
1 participant
@dtomcej