beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[appsec] delete api key header before processing the request (#2890)

Browse source
This commit is contained in:
blotus 2024-03-14 14:00:39 +01:00 committed by GitHub
parent 6c042f18f0
commit 742f5e8cda
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
pkg/appsec/request.go
View file

@ -320,6 +320,7 @@ func NewParsedRequestFromRequest(r *http.Request, logger *logrus.Entry) (ParsedR
delete(r.Header, URIHeaderName)
delete(r.Header, VerbHeaderName)
delete(r.Header, UserAgentHeaderName)
delete(r.Header, APIKeyHeaderName)
originalHTTPRequest := r.Clone(r.Context())
originalHTTPRequest.Body = io.NopCloser(bytes.NewBuffer(body))