nominatim: Mitigate env HTTP_PROXY via cgi proxy header

author Grant Slater <git@firefishy.com>

Mon, 18 Jul 2016 15:59:18 +0000 (16:59 +0100)

committer Grant Slater <git@firefishy.com>

Mon, 18 Jul 2016 15:59:18 +0000 (16:59 +0100)
author Grant Slater <git@firefishy.com>
Mon, 18 Jul 2016 15:59:18 +0000 (16:59 +0100)
committer Grant Slater <git@firefishy.com>
Mon, 18 Jul 2016 15:59:18 +0000 (16:59 +0100)
diff --git a/cookbooks/nominatim/templates/default/apache.erb b/cookbooks/nominatim/templates/default/apache.erb

index ba30f0dd6ea85b5aa6767029fe409308f6860e01..1afe817e58bcaf8744b61e6fa814fa405c9225c4 100644 (file)
--- a/cookbooks/nominatim/templates/default/apache.erb
+++ b/cookbooks/nominatim/templates/default/apache.erb
@@ -19,6 +19,9 @@
      SSLProxyEngine on
  <% end -%>
  
+    # Remove Proxy request header to mitigate https://httpoxy.org/
+    RequestHeader unset Proxy early
+
      CustomLog /var/log/apache2/nominatim.openstreetmap.org-access.log combined
      ErrorLog /var/log/apache2/nominatim.openstreetmap.org-error.log
author	Grant Slater <git@firefishy.com>
	Mon, 18 Jul 2016 15:59:18 +0000 (16:59 +0100)
committer	Grant Slater <git@firefishy.com>
	Mon, 18 Jul 2016 15:59:18 +0000 (16:59 +0100)