nominatim: Mitigate env HTTP_PROXY via cgi proxy header
authorGrant Slater <git@firefishy.com>
Mon, 18 Jul 2016 15:59:18 +0000 (16:59 +0100)
committerGrant Slater <git@firefishy.com>
Mon, 18 Jul 2016 15:59:18 +0000 (16:59 +0100)
cookbooks/nominatim/templates/default/apache.erb

index ba30f0dd6ea85b5aa6767029fe409308f6860e01..1afe817e58bcaf8744b61e6fa814fa405c9225c4 100644 (file)
@@ -19,6 +19,9 @@
     SSLProxyEngine on
 <% end -%>
 
+    # Remove Proxy request header to mitigate https://httpoxy.org/
+    RequestHeader unset Proxy early
+
     CustomLog /var/log/apache2/nominatim.openstreetmap.org-access.log combined
     ErrorLog /var/log/apache2/nominatim.openstreetmap.org-error.log