我正在构建一个简单的 PoC 来剥离X-FORWARDED-*标头,同时通过 Zuul 网关调用微服务。我尝试使用route过滤器,但在那里找不到这些标题。
默认标头在哪里添加,我们如何删除它?
发现了。在application.properties中添加以下内容
zuul.add-proxy-headers=false
对我有用
RequestContext.getCurrentContext().getZuulRequestHeaders().remove("name of the header to be remove");
或
return new HttpServletRequestWrapper(request) {
private Set<String> headerNameSet;
@Override
public Enumeration<String> getHeaderNames() {
if (headerNameSet == null) {
// first time this method is called, cache the wrapped request's header names:
headerNameSet = new HashSet<>();
Enumeration<String> wrappedHeaderNames = super.getHeaderNames();
while (wrappedHeaderNames.hasMoreElements()) {
String headerName = wrappedHeaderNames.nextElement();
if (!headerName.contains("x-forwarded")) {
headerNameSet.add(headerName);
}
}
}
return Collections.enumeration(headerNameSet);
}
@Override
public Enumeration<String> getHeaders(String name) {
if (name.contains("x-forwarded")) {
return Collections.<String>emptyEnumeration();
}
return super.getHeaders(name);
}
@Override
public String getHeader(String name) {
if (name.contains("x-forwarded")) {
return null;
}
return super.getHeader(name);
}
};
通过配置文件的简单一个
zuul:
#mentioned header are ignored while build the request in zuul
ignored-header: header_name1, header_name2
#Will ignore all the x-forward-* headers
add-proxy-headers: false