TyleoDvDelaware3217/GoDoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2025-06-09 04:52:35 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

security: drop service headers

Browse source
This commit is contained in:
yusing 2025-04-22 15:58:53 +08:00
parent 0a8aa2b215
commit ef483403da
2 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
internal/net/gphttp/httpheaders/utils.go
View file

@ -82,6 +82,11 @@ func RemoveHop(h http.Header) {
} }
} }
func RemoveServiceHeaders(h http.Header) {
h.Del("X-Powered-By")
h.Del("Server")
}
func CopyHeader(dst, src http.Header) { func CopyHeader(dst, src http.Header) {
for k, vv := range src { for k, vv := range src {
for _, v := range vv { for _, v := range vv {

2
internal/net/gphttp/reverseproxy/reverse_proxy_mod.go
View file

@ -380,6 +380,8 @@ func (p *ReverseProxy) handler(rw http.ResponseWriter, req *http.Request) {
}() }()
} }
httpheaders.RemoveServiceHeaders(res.Header)
// Deal with 101 Switching Protocols responses: (WebSocket, h2c, etc) // Deal with 101 Switching Protocols responses: (WebSocket, h2c, etc)
if res.StatusCode == http.StatusSwitchingProtocols { if res.StatusCode == http.StatusSwitchingProtocols {
if !p.modifyResponse(rw, res, req, outreq) { if !p.modifyResponse(rw, res, req, outreq) {