On 5/18/22 2:31 PM, Eric Covener wrote:
>> Given the above, I believe the interpretation of X-F5-Auth-Token should
>> be that it is an end-to-end header, and should therefore NOT be removed
>> from the proxied request.
>>
>> The text does say "All other headers *defined by HTTP/1.1* are
>> end-to-end headers" (emphasis mine, of course), and the X-F5-Auth-Token
>> header isn't defined by HTTP/1.1 (it's a custom one), but I think the
>> definition of specific hop-by-hop headers implies that *all* other
>> headers should be considered end-to-end.
>
> I don't think that interpretation can be squared with e.g.
>
> https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.1
> https://datatracker.ietf.org/doc/html/rfc7230#section-6.1
>
I get to the same conclusion. The current proxy code does it correctly.
Regards
RĂ¼diger
