From bae4a6e395b3f59f50e501604bb54cc3c457227c Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Wed, 20 Jul 2016 15:25:38 +0200
Subject: [PATCH] Disable the HTTP_PROXY header in the ispconfig and apps vhost
 files for apache and nginx. ISPConfig itself does not read nor interpret this
 header, but there might be other server components like PHP that might
 interact with it so I'll disable it just to be sure.

---
 install/tpl/apache_apps.vhost.master      | 4 ++++
 install/tpl/apache_ispconfig.vhost.master | 1 +
 install/tpl/nginx_apps.vhost.master       | 1 +
 install/tpl/nginx_ispconfig.vhost.master  | 1 +
 server/conf/apache_apps.vhost.master      | 4 ++++
 server/conf/nginx_apps.vhost.master       | 1 +
 6 files changed, 12 insertions(+)

diff --git a/install/tpl/apache_apps.vhost.master b/install/tpl/apache_apps.vhost.master
index e56b1d6827..4930e253f9 100644
--- a/install/tpl/apache_apps.vhost.master
+++ b/install/tpl/apache_apps.vhost.master
@@ -15,6 +15,10 @@
     SetHandler None
   </FilesMatch>
   
+  <IfModule mod_headers.c>
+	RequestHeader unset Proxy early
+  </IfModule>
+  
   <IfModule mod_php5.c>
     DocumentRoot {tmpl_var name='apps_vhost_dir'}
     AddType application/x-httpd-php .php
diff --git a/install/tpl/apache_ispconfig.vhost.master b/install/tpl/apache_ispconfig.vhost.master
index 6b71378c84..8aa41fafb1 100644
--- a/install/tpl/apache_ispconfig.vhost.master
+++ b/install/tpl/apache_ispconfig.vhost.master
@@ -82,6 +82,7 @@ NameVirtualHost *:<tmpl_var name="vhost_port">
 
   <IfModule mod_headers.c>
     Header always add Strict-Transport-Security "max-age=15768000"
+	RequestHeader unset Proxy early
   </IfModule>
 
   <tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
diff --git a/install/tpl/nginx_apps.vhost.master b/install/tpl/nginx_apps.vhost.master
index d2dc07ba10..e1bb6d1849 100644
--- a/install/tpl/nginx_apps.vhost.master
+++ b/install/tpl/nginx_apps.vhost.master
@@ -40,6 +40,7 @@ server {
 
                fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
                fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;
+			   fastcgi_param   HTTP_PROXY              "";
 
                fastcgi_param   REMOTE_ADDR             $remote_addr;
                fastcgi_param   REMOTE_PORT             $remote_port;
diff --git a/install/tpl/nginx_ispconfig.vhost.master b/install/tpl/nginx_ispconfig.vhost.master
index 849877020d..c426e9d0fa 100644
--- a/install/tpl/nginx_ispconfig.vhost.master
+++ b/install/tpl/nginx_ispconfig.vhost.master
@@ -36,6 +36,7 @@ server {
                fastcgi_busy_buffers_size 256k;
                fastcgi_temp_file_write_size 256k;
                fastcgi_read_timeout 1200;
+			   fastcgi_param HTTP_PROXY "";
         }
 
         location ~ /\. {
diff --git a/server/conf/apache_apps.vhost.master b/server/conf/apache_apps.vhost.master
index 7d6d66590a..47d35304f6 100644
--- a/server/conf/apache_apps.vhost.master
+++ b/server/conf/apache_apps.vhost.master
@@ -14,6 +14,10 @@
   <FilesMatch "\.ph(p3?|tml)$">
     SetHandler None
   </FilesMatch>
+  
+  <IfModule mod_headers.c>
+	RequestHeader unset Proxy early
+  </IfModule>
 
   {tmpl_if name="enable_spdy" op="==" value="y"}
   <IfModule spdy_module>
diff --git a/server/conf/nginx_apps.vhost.master b/server/conf/nginx_apps.vhost.master
index 1101d19305..ed5e3a49ae 100644
--- a/server/conf/nginx_apps.vhost.master
+++ b/server/conf/nginx_apps.vhost.master
@@ -32,6 +32,7 @@ server {
 
                fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
                fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;
+			   fastcgi_param   HTTP_PROXY              "";
 
                fastcgi_param   REMOTE_ADDR             $remote_addr;
                fastcgi_param   REMOTE_PORT             $remote_port;
-- 
GitLab