[Security] Don't leak proxy credentials to target

This commit is contained in:
ggramaize 2018-08-30 14:34:59 +02:00 committed by Andrew Gaul
parent 807a3c31c0
commit d3a5129f1f

View file

@ -117,6 +117,7 @@ func (p *Proxy) handle(w http.ResponseWriter, r *http.Request) error {
w.WriteHeader(http.StatusProxyAuthRequired)
return nil
}
r.Header.Del("Proxy-Authorization")
}
if r.Method == "CONNECT" {