From 519c0fe81d8f922b73139bd762067661691cb24a Mon Sep 17 00:00:00 2001 From: Jigen <111368404+jiigen@users.noreply.github.com> Date: Fri, 2 Dec 2022 16:09:23 +0000 Subject: [PATCH] Remove "X-Requested-With" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When any app uses Android’s WebView to load a web page, WebView attaches an extra header, named X-Requested-With, with the value set to the application ID. That include Lightning-I2P browser by R4SAS. Google doesn’t want to make it easy to get rid of the X-Requested-With header. However, there is a mechanism for replacing header information. This doesn’t allow a program to stop sending the X-Requested-With header. More info on: https://www.stoutner.com/the-x-requested-with-header/ --- libi2pd_client/HTTPProxy.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/libi2pd_client/HTTPProxy.cpp b/libi2pd_client/HTTPProxy.cpp index eb6d29b5..451c9c74 100644 --- a/libi2pd_client/HTTPProxy.cpp +++ b/libi2pd_client/HTTPProxy.cpp @@ -252,6 +252,7 @@ namespace proxy { req.RemoveHeader("From"); req.RemoveHeader("Forwarded"); req.RemoveHeader("DNT"); // Useless DoNotTrack flag + req.RemoveHeader("X-Requested-With"); // Android Webview send this with the value set to the application ID req.RemoveHeader("Accept", "Accept-Encoding"); // Accept*, but Accept-Encoding /* drop proxy-disclosing headers */ req.RemoveHeader("X-Forwarded");