From 854aa1791fb1dcec401f6dc0400f2707f228f6cb Mon Sep 17 00:00:00 2001
From: Grant Slater <git@firefishy.com>
Date: Mon, 18 Jul 2016 16:59:18 +0100
Subject: [PATCH] nominatim: Mitigate env HTTP_PROXY via cgi proxy header

---
 cookbooks/nominatim/templates/default/apache.erb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/cookbooks/nominatim/templates/default/apache.erb b/cookbooks/nominatim/templates/default/apache.erb
index ba30f0dd6..1afe817e5 100644
--- a/cookbooks/nominatim/templates/default/apache.erb
+++ b/cookbooks/nominatim/templates/default/apache.erb
@@ -19,6 +19,9 @@
     SSLProxyEngine on
 <% end -%>
 
+    # Remove Proxy request header to mitigate https://httpoxy.org/
+    RequestHeader unset Proxy early
+
     CustomLog /var/log/apache2/nominatim.openstreetmap.org-access.log combined
     ErrorLog /var/log/apache2/nominatim.openstreetmap.org-error.log
 
-- 
2.43.2