Mitigate HTTPoxy Vulnerability

2016-07-20 09:55:46 -04:00 · 2016-07-20 09:55:46 -04:00 · a38f2b21a1
commit a38f2b21a1
parent ce7085d277
1 changed files with 4 additions and 0 deletions
--- a/controllers/nginx/nginx.tmpl
+++ b/controllers/nginx/nginx.tmpl
@ -241,6 +241,10 @@ http {
            proxy_set_header X-Forwarded-Port       $server_port;
            proxy_set_header X-Forwarded-Proto      $pass_access_scheme;

+            # mitigate HTTPoxy Vulnerability
+            # https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/
+            proxy_set_header Proxy                  "";
+
            proxy_connect_timeout                   {{ $cfg.proxyConnectTimeout }}s;
            proxy_send_timeout                      {{ $cfg.proxySendTimeout }}s;
            proxy_read_timeout                      {{ $cfg.proxyReadTimeout }}s;