You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2021/10/26 09:05:29 UTC
[GitHub] [apisix] feipengheart opened a new issue #5338: request help: Refused to set unsafe header "Date"
feipengheart opened a new issue #5338:
URL: https://github.com/apache/apisix/issues/5338
### Issue description
在使用hmac-auth时候,需要在headers里传Date,但是现在前端传date的过程中遇到如下报错:Refused to set unsafe header "Date",而且前端似乎无法解决,请问如何apisix能修改这个参数吗
### Environment
- apisix version (cmd: `apisix version`):
- OS (cmd: `uname -a`):
- OpenResty / Nginx version (cmd: `nginx -V` or `openresty -V`):
- etcd version, if have (cmd: run `curl http://127.0.0.1:9090/v1/server_info` to get the info from server-info API):
- apisix-dashboard version, if have:
- the plugin runner version, if the issue is about a plugin runner (cmd: depended on the kind of runner):
- luarocks version, if the issue is about installation (cmd: `luarocks --version`):
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] feipengheart commented on issue #5338: request help: Refused to set unsafe header "Date"
Posted by GitBox <gi...@apache.org>.
feipengheart commented on issue #5338:
URL: https://github.com/apache/apisix/issues/5338#issuecomment-951743332
> Date is a generic header, so where do you want to modify it? In request headers or response headers?
请求头里date修改成其他参数比如说request_date,因为w3c认为date是不安全字段,前端那边传不了
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander commented on issue #5338: request help: Refused to set unsafe header "Date"
Posted by GitBox <gi...@apache.org>.
spacewander commented on issue #5338:
URL: https://github.com/apache/apisix/issues/5338#issuecomment-952602642
Consider solved. Feel free to reopen it if need.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] jagerzhang commented on issue #5338: request help: Refused to set unsafe header "Date"
Posted by GitBox <gi...@apache.org>.
jagerzhang commented on issue #5338:
URL: https://github.com/apache/apisix/issues/5338#issuecomment-951779209
这个问题我在用kong的时候遇到过,在浏览器POSTMAN之类的上面传入hmac鉴权头部来鉴权的时候,date字段会被直接过滤,导致无法鉴权。建议apisix支持在插件配置里面自定义date头部字段,比如 x-date,这个在kong是可以定义的:
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] feipengheart commented on issue #5338: request help: Refused to set unsafe header "Date"
Posted by GitBox <gi...@apache.org>.
feipengheart commented on issue #5338:
URL: https://github.com/apache/apisix/issues/5338#issuecomment-951735251
When use the hmac - auth, need to pass the Date in headers, but now in the process of the front end Date transfer encountered the following error: Refused to set the unsafe header "Date", but the front seems unable to solve, how do I apisix can modify the parameters
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander commented on issue #5338: request help: Refused to set unsafe header "Date"
Posted by GitBox <gi...@apache.org>.
spacewander commented on issue #5338:
URL: https://github.com/apache/apisix/issues/5338#issuecomment-951875163
we already supported it? See https://apisix.apache.org/docs/apisix/plugins/hmac-auth#custom-header-key
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on issue #5338: request help: Refused to set unsafe header "Date"
Posted by GitBox <gi...@apache.org>.
tokers commented on issue #5338:
URL: https://github.com/apache/apisix/issues/5338#issuecomment-951737836
Date is a generic header, so where do you want to modify it? In request headers or response headers?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander closed issue #5338: request help: Refused to set unsafe header "Date"
Posted by GitBox <gi...@apache.org>.
spacewander closed issue #5338:
URL: https://github.com/apache/apisix/issues/5338
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org