jaysonsantos opened a new issue, #9595: URL: https://github.com/apache/apisix/issues/9595
### Current Behavior Not sure if this is a bug because the header removal seems to be a security thing but, I wonder if not being able to set upstream's headers with values like $ssl_client_cert should be allowed or not. ### Expected Behavior Upstream should receive the header ### Error Logs No logs as the error is on the upstream [1], it expects to see the client's certificate when being proxied but it won't be set as it gets removed. [1] https://docs.syncthing.net/users/stdiscosrv.html ### Steps to Reproduce - Configure a proxy-rewrite for a route and add the header, or in my case a plugin config being referenced in a route. ``` apiVersion: apisix.apache.org/v2 kind: ApisixPluginConfig metadata: name: syncthing-discovery-server spec: plugins: - name: proxy-rewrite enable: true config: headers: set: X-SSL-Cert: $ssl_client_cert X-Client-Port: $remote_port X-Forwarded-For: $proxy_add_x_forwarded_for ``` ### Environment - APISIX version (run `apisix version`): docker image is apache/apisix:3.3.0-debian - Operating system (run `uname -a`): ubuntu 22.04 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
