[
https://issues.apache.org/jira/browse/CAMEL-6865?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13954891#comment-13954891
]
daniel carter commented on CAMEL-6865:
--------------------------------------
It's quite a surprise on outgoing requests that all our internal routing
headers get passed to 3rd parties as HTTP Headers.
We have all sorts of logic that is internal to the application setting headers
that have absolutely nothing to do with HTTP.
While we can filter this out with a custom header filter on .\*, i would
suggest the default should be not to expose all the headers over HTTP. How do
other components handle this? Do JMS messages by default have the camel
headers set as jms headers? I know with cxf for instance it *doesn't* pass
message headers as Soap Headers.
> Investigate if CXF RS component can make in HTTP headers not visible to the
> rest of the route
> ---------------------------------------------------------------------------------------------
>
> Key: CAMEL-6865
> URL: https://issues.apache.org/jira/browse/CAMEL-6865
> Project: Camel
> Issue Type: Improvement
> Components: camel-cxf
> Affects Versions: 2.12.1
> Reporter: Sergey Beryozkin
> Priority: Minor
>
> According to the user reports, CXF RS component can make the incoming HTTP
> headers visible to the components which follow it, IMHO by default such
> headers should only be visible to CXF endpoint.
> Check if it is realistic to do it.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
