net/http header canonicalization modifying responses

denandz / glorp

A CLI-based HTTP intercept and replay proxy

BSD 3-Clause "New" or "Revised" License

243 stars 14 forks source link

net/http header canonicalization modifying responses #23

Open denandz opened 1 month ago

denandz commented 1 month ago

net/http implements transparent header canonicalization when reading to / writing from the headers object. Meaning if a server sends x-some-header, martian (and net/http) will transparently change that to X-Some-Header.

This breaks clients which are not RFC compliant and introduces traffic mutation for what should be a transparent intercepting proxy.

denandz commented 1 month ago

More information is available in the Go issue: https://github.com/golang/go/issues/37834