From 742f5e8cdab3057ae04f68b445d0f9222bbbea40 Mon Sep 17 00:00:00 2001 From: blotus Date: Thu, 14 Mar 2024 14:00:39 +0100 Subject: [PATCH] [appsec] delete api key header before processing the request (#2890) --- pkg/appsec/request.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/appsec/request.go b/pkg/appsec/request.go index effb18283..5b77f2285 100644 --- a/pkg/appsec/request.go +++ b/pkg/appsec/request.go @@ -320,6 +320,7 @@ func NewParsedRequestFromRequest(r *http.Request, logger *logrus.Entry) (ParsedR delete(r.Header, URIHeaderName) delete(r.Header, VerbHeaderName) delete(r.Header, UserAgentHeaderName) + delete(r.Header, APIKeyHeaderName) originalHTTPRequest := r.Clone(r.Context()) originalHTTPRequest.Body = io.NopCloser(bytes.NewBuffer(body))