Commit f684fc7
committed
config: clarify sensitive redirect headers match net/http
The stripped header list (including Proxy-Authorization and
Proxy-Authenticate) now matches makeHeadersCopier in net/http, which
gained the Proxy-* entries in the fix for CVE-2025-4673.
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>1 parent f84efec commit f684fc7
1 file changed
Lines changed: 2 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1178 | 1178 | | |
1179 | 1179 | | |
1180 | 1180 | | |
1181 | | - | |
1182 | | - | |
1183 | | - | |
1184 | | - | |
| 1181 | + | |
| 1182 | + | |
1185 | 1183 | | |
1186 | 1184 | | |
1187 | 1185 | | |
| |||
0 commit comments