Open sec23206 opened 3 years ago
Actually, I just tried something which had an effect ... in the startup for Kong, we include this setting:
-e "KONG_HEADERS=X-Kong-Proxy-Latency, X-Kong-Response-Latency, X-Kong-Upstream-Latency, X-Kong-Upstream-Status, X-Kong-Admin-Latency" \
This is because, for security reasons, we want to ensure Kong does not send the "Via" header to clients (so they don't know they are talking to Kong). My understanding of this setting is that it tells Kong which are the "legal" headers to send to a client. When I removed this from the startup, I started seeing the X-Kong-Upstream-Status header that my plugin is adding. But I don't understand why the other "legal" headers like X-Kong-Upstream-Latency went through OK, and what the connection is between this setting and a bespoke plugin that tried to set one of the headers.
@sec23206 In which phase is your plugin setting the header?
In the response phase.
I feel like the response phase is the reason but haven't verified. Although, as its name suggests, the response phase is not actually where Kong is producing responses. It's more for plugins that require doing some mutation or inspecting of the response body. But access may just be too early for your use case. In Lua Kong you can use header_filter, but that is not part of the JS PDK.
Could you print the result of await kong.service.response.getStatus() in the same phase?
I'm trying to understand the JavaScript PDK, and I've written a simple plugin which converts XML from a legacy web service to JSON. It seems to be working for the most part, but I'm seeing a message in the Kong logs after the plugin executes:
I've noted that the other X-Kong-* headers like X-Kong-Upstream-Latency and X-Kong-Proxy-Latency are still passing thru to the client, but not X-Kong-Upstream-Status. I've tried adding it myself in the response(kong) method:
But this doesn't seem to work. I can add other headers, e.g.:
I was even able to add it if I change the name to "Kong-Upstream-Status", and I also added a header called "X-Kong-foo", so it seems that the problem is the fact that it's X-Kong-Upstream-Status. Also, I don't understand why other X-Kong-* headers seem to be passing thru unmolested, but this one is stripped out by the existence of this plugin.
Is that just a limitation of the PDK, or am I missing something?