Merge pull request #170 from TeamPiped/harden-headers

fix: filter out some headers that could leak user information
2024-08-14 23:50:45 +00:00 · 2024-04-05 20:20:57 +02:00 · 2024-04-05 20:20:57 +02:00 · 8e93dde1b5
commit 8e93dde1b5
parent a872d9f7b6 52896e779c
1 changed files with 3 additions and 0 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -121,6 +121,9 @@ fn is_header_allowed(header: &str) -> bool {
            | "user-agent"
            | "range"
            | "transfer-encoding"
+            | "x-real-ip"
+            | "origin"
+            | "referer"
    )
 }