From 752fbabf060f31db7de3f03d632bc047baba5087 Mon Sep 17 00:00:00 2001
From: Grant Slater <git@firefishy.com>
Date: Mon, 18 Jul 2016 17:06:09 +0100
Subject: [PATCH] munin: Mitigate env HTTP_PROXY via cgi proxy header

---
 cookbooks/munin/templates/default/apache.erb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/cookbooks/munin/templates/default/apache.erb b/cookbooks/munin/templates/default/apache.erb
index 141d2a50f..15c5009e6 100644
--- a/cookbooks/munin/templates/default/apache.erb
+++ b/cookbooks/munin/templates/default/apache.erb
@@ -15,6 +15,9 @@
 	Alias /static/ /etc/munin/static/
 	ScriptAlias /munin-cgi/ /usr/lib/munin/cgi/
 
+	# Remove Proxy request header to mitigate https://httpoxy.org/
+	RequestHeader unset Proxy early
+
 	RewriteEngine on
 	RewriteCond %{REQUEST_URI} !^/static/
 	RewriteRule ^(/.*\.html)?$ /munin-cgi/munin-cgi-html/$1 [PT]
-- 
2.43.2