munin: Mitigate env HTTP_PROXY via cgi proxy header

diff --git a/cookbooks/munin/templates/default/apache.erb b/cookbooks/munin/templates/default/apache.erb
index 141d2a50f50c58e09fb7ed464c80ad47ef190f8e..15c5009e66c1739776769b294363c4989531f7a9 100644 (file)
--- a/cookbooks/munin/templates/default/apache.erb
+++ b/cookbooks/munin/templates/default/apache.erb
@@ -15,6 +15,9 @@
        Alias /static/ /etc/munin/static/
        ScriptAlias /munin-cgi/ /usr/lib/munin/cgi/
 
+       # Remove Proxy request header to mitigate https://httpoxy.org/
+       RequestHeader unset Proxy early
+
        RewriteEngine on
        RewriteCond %{REQUEST_URI} !^/static/
        RewriteRule ^(/.*\.html)?$ /munin-cgi/munin-cgi-html/$1 [PT]