gxthrj opened a new issue #2538: URL: https://github.com/apache/apisix/issues/2538
### Issue description 1.use plugin `hmac-auth` 2. add logs in rewrite phase in plugin ``` curl "http://127.0.0.1:8080/api/v1/cluster?appId=1&pageSize=2&pageNum=3"; -X GET -H "Cookie:geely-sso-token=852b8416-f9f2-45cc-90de-e33c512288dd" -H "X-Gca-Signed-Headers:X-Gca-Timestamp;Content-Type;Host" -H "X-Gca-Algorithm:hmac-sha256" -H "X-Gca-Access-Key:88d52b2b5349543536" -H "X-Gca-Timestamp:1603767678891" -H "X-Gca-Signature:sOk6EwCPFV0cakB/Akl9GY5dpU8I2npFhdx1IF2azmQ=" -H "Date:Tue, 27 Oct 2020 03:01:18 GMT" -H "Content-Type:application/json" ```  the signature has been validate, and then rewrite again 3. if we do choose `keep_headers = true`, it will be in endless loop. ### Environment * apisix version : 2.0 RC * OS: ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
