Claus Ibsen created CAMEL-9052:
----------------------------------
Summary: HttpHeaderFilterStrategy should filter any Camel header
on consumer side as well
Key: CAMEL-9052
URL: https://issues.apache.org/jira/browse/CAMEL-9052
Project: Camel
Issue Type: Improvement
Components: camel-http, camel-http4, camel-jetty
Reporter: Claus Ibsen
Assignee: Claus Ibsen
Fix For: 2.16.0
We filter only on producer, eg when using to. But if you use jetty as consumer
then it may return Camel headers in the http response by default.
Those headers are not intended for http responses and should be skipped. This
is done already when using the producer.
See nabble
http://camel.465427.n5.nabble.com/security-http4-endpoint-headers-leaking-tp5770298.html
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
