Add Authorize to sensitive headers in zuul proxy

9ea64308 · Dave Syer · b8cbf4e6 · 9ea64308 · 9ea64308
Commit 9ea64308 authored Mar 02, 2016 by Dave Syer
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

spring-cloud-netflix.adoc docs/src/main/asciidoc/spring-cloud-netflix.adoc +1 -1

ZuulProperties.java ...gframework/cloud/netflix/zuul/filters/ZuulProperties.java +1 -1

No files found.
--- a/docs/src/main/asciidoc/spring-cloud-netflix.adoc
+++ b/docs/src/main/asciidoc/spring-cloud-netflix.adoc
@@ -1263,7 +1263,7 @@ route, e.g.
  routes:
    users:
      path: /myusers/**
-      sensitiveHeaders: Cookie,Set-Cookie
+      sensitiveHeaders: Cookie,Set-Cookie,Authorization
      url: https://dowstream
 ----


--- a/spring-cloud-netflix-core/src/main/java/org/springframework/cloud/netflix/zuul/filters/ZuulProperties.java
+++ b/spring-cloud-netflix-core/src/main/java/org/springframework/cloud/netflix/zuul/filters/ZuulProperties.java
@@ -123,7 +123,7 @@ public class ZuulProperties {
 		private Boolean retryable;

 		private Set<String> sensitiveHeaders = new LinkedHashSet<>(
-				Arrays.asList("Cookie", "Set-Cookie"));
+				Arrays.asList("Cookie", "Set-Cookie", "Authorization"));

 		public ZuulRoute(String text) {
 			String location = null;