Remove X- headers

rpxy-lib/src/message_handler/utils_headers.rs

@@ -241,7 +241,7 @@ pub(super) fn add_forwarding_header(
     // TODO: In future PR, implement proper RFC 7239 precedence
     // where Forwarded header should take priority over X-Forwarded-For
     // This requires careful testing to ensure no breaking changes
-    append_header_entry_with_comma(headers, X_FORWARDED_FOR, &canonical_client_addr)?;
+    //append_header_entry_with_comma(headers, X_FORWARDED_FOR, &canonical_client_addr)?;
   }
 
   // IMPORTANT: If Forwarded header exists, always update it for consistency
@@ -249,7 +249,7 @@ pub(super) fn add_forwarding_header(
   if has_forwarded {
     match generate_forwarded_header(headers, tls, original_uri) {
       Ok(forwarded_value) => {
-        add_header_entry_overwrite_if_exist(headers, header::FORWARDED.as_str(), forwarded_value)?;
+        //add_header_entry_overwrite_if_exist(headers, header::FORWARDED.as_str(), forwarded_value)?;
       }
       Err(e) => {
         // Log warning but don't fail the request if Forwarded generation fails
@@ -265,20 +265,20 @@ pub(super) fn add_forwarding_header(
   /////////// As Nginx
   // If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
   // scheme used to connect to this server
-  add_header_entry_if_not_exist(headers, X_FORWARDED_PROTO, if tls { "https" } else { "http" })?;
+  //add_header_entry_if_not_exist(headers, X_FORWARDED_PROTO, if tls { "https" } else { "http" })?;
   // If we receive X-Forwarded-Port, pass it through; otherwise, pass along the
   // server port the client connected to
-  add_header_entry_if_not_exist(headers, X_FORWARDED_PORT, listen_addr.port().to_string())?;
+  //add_header_entry_if_not_exist(headers, X_FORWARDED_PORT, listen_addr.port().to_string())?;
 
   /////////// As Nginx-Proxy
   // x-real-ip
-  add_header_entry_overwrite_if_exist(headers, X_REAL_IP, canonical_client_addr)?;
+  //add_header_entry_overwrite_if_exist(headers, X_REAL_IP, canonical_client_addr)?;
   // x-forwarded-ssl
-  add_header_entry_overwrite_if_exist(headers, X_FORWARDED_SSL, if tls { "on" } else { "off" })?;
+  //add_header_entry_overwrite_if_exist(headers, X_FORWARDED_SSL, if tls { "on" } else { "off" })?;
   // x-original-uri
-  add_header_entry_overwrite_if_exist(headers, X_ORIGINAL_URI, original_uri.to_string())?;
+  //add_header_entry_overwrite_if_exist(headers, X_ORIGINAL_URI, original_uri.to_string())?;
   // proxy
-  add_header_entry_overwrite_if_exist(headers, "proxy", "")?;
+  //add_header_entry_overwrite_if_exist(headers, "proxy", "")?;
 
   Ok(())
 }
@@ -316,13 +316,13 @@ fn update_xff_from_forwarded(headers: &mut HeaderMap, client_addr: &SocketAddr)
     // Replace X-Forwarded-For with the chain from Forwarded header
     headers.remove(X_FORWARDED_FOR);
     for ip in forwarded_chain {
-      append_header_entry_with_comma(headers, X_FORWARDED_FOR, &ip)?;
+      //append_header_entry_with_comma(headers, X_FORWARDED_FOR, &ip)?;
     }
   }
 
   // Append current client IP (standard behavior)
   let canonical_client_addr = client_addr.to_canonical().ip().to_string();
-  append_header_entry_with_comma(headers, X_FORWARDED_FOR, &canonical_client_addr)?;
+  //append_header_entry_with_comma(headers, X_FORWARDED_FOR, &canonical_client_addr)?;
 
   Ok(())
 }