This PR addresses issues when propagating errors from a client back to a handler. On the client side connect errors will contain all response headers: transport (Content-Type, Content-Length, etc), protocol and application headers. These could break the transport when trying to re-encode the error or leak sensitive information between services. For any wire errors (errors decoded from a client response) we now disable meta propagation. For other errors we now also restrict the headers propagated.
This PR addresses issues when propagating errors from a client back to a handler. On the client side connect errors will contain all response headers: transport (
Content-Type
,Content-Length
, etc), protocol and application headers. These could break the transport when trying to re-encode the error or leak sensitive information between services. For any wire errors (errors decoded from a client response) we now disable meta propagation. For other errors we now also restrict the headers propagated.