Browse Source

[http proxy] do not remove X-Requested-With for *HttpRequest (#1816)

Signed-off-by: R4SAS <r4sas@i2pmail.org>
pull/1828/head
R4SAS 2 years ago
parent
commit
6376328c98
Signed by: r4sas
GPG Key ID: 66F6C87B98EBCFE2
  1. 13
      libi2pd_client/HTTPProxy.cpp

13
libi2pd_client/HTTPProxy.cpp

@ -252,7 +252,6 @@ namespace proxy {
req.RemoveHeader("From"); req.RemoveHeader("From");
req.RemoveHeader("Forwarded"); req.RemoveHeader("Forwarded");
req.RemoveHeader("DNT"); // Useless DoNotTrack flag req.RemoveHeader("DNT"); // Useless DoNotTrack flag
req.RemoveHeader("X-Requested-With"); // Android Webview send this with the value set to the application ID
req.RemoveHeader("Accept", "Accept-Encoding"); // Accept*, but Accept-Encoding req.RemoveHeader("Accept", "Accept-Encoding"); // Accept*, but Accept-Encoding
/* drop proxy-disclosing headers */ /* drop proxy-disclosing headers */
req.RemoveHeader("X-Forwarded"); req.RemoveHeader("X-Forwarded");
@ -260,6 +259,18 @@ namespace proxy {
/* replace headers */ /* replace headers */
req.UpdateHeader("User-Agent", "MYOB/6.66 (AN/ON)"); req.UpdateHeader("User-Agent", "MYOB/6.66 (AN/ON)");
/**
* i2pd PR #1816:
* Android Webview send this with the value set to the application ID, so we drop it,
* but only if it does not belong to an AJAX request (*HttpRequest, like XMLHttpRequest).
*/
if(req.GetHeader("X-Requested-With") != "") {
auto h = req.GetHeader ("X-Requested-With");
auto x = h.find("HttpRequest");
if (x == std::string::npos) // not found
req.RemoveHeader("X-Requested-With");
}
/** /**
* according to i2p ticket #1862: * according to i2p ticket #1862:
* leave Referer if requested URL with same schema, host and port, * leave Referer if requested URL with same schema, host and port,

Loading…
Cancel
Save