Uploaded image for project: 'Camel'
  1. Camel
  2. CAMEL-9052

HttpHeaderFilterStrategy should filter any Camel header on consumer side as well

    Details

    • Estimated Complexity:
      Unknown

      Description

      We filter only on producer, eg when using to. But if you use jetty as consumer then it may return Camel headers in the http response by default.

      Those headers are not intended for http responses and should be skipped. This is done already when using the producer.

      See nabble
      http://camel.465427.n5.nabble.com/security-http4-endpoint-headers-leaking-tp5770298.html

        Attachments

          Activity

            People

            • Assignee:
              davsclaus Claus Ibsen
              Reporter:
              davsclaus Claus Ibsen
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: