[Security] Don't leak proxy credentials to target

This commit is contained in:
ggramaize 2018-08-30 14:34:59 +02:00 committed by Andrew Gaul
parent 807a3c31c0
commit d3a5129f1f

View file

@ -117,6 +117,7 @@ func (p *Proxy) handle(w http.ResponseWriter, r *http.Request) error {
w.WriteHeader(http.StatusProxyAuthRequired) w.WriteHeader(http.StatusProxyAuthRequired)
return nil return nil
} }
r.Header.Del("Proxy-Authorization")
} }
if r.Method == "CONNECT" { if r.Method == "CONNECT" {