Closes #21468: copy_safe_request() should retain non-sensitive HTTP request headers #230

New Issue

MrUnknownDE · 2026-04-05T16:23:15+02:00

MrUnknownDE commented

2026-04-05 16:23:15 +02:00

Originally created by @jeremystretch on 3/4/2026

Closes: #21468

Define HTTP_REQUEST_META_SENSITIVE to serve as a blacklist for known-sensitive headers
Modify copy_safe_request() to copy all non-sensitive headers (ignoring any not defined as strings)
Add the CopySafeRequestTests test suite

*Originally created by @jeremystretch on 3/4/2026* ### Closes: #21468 - Define `HTTP_REQUEST_META_SENSITIVE` to serve as a blacklist for known-sensitive headers - Modify `copy_safe_request()` to copy all non-sensitive headers (ignoring any not defined as strings) - Add the `CopySafeRequestTests` test suite

MrUnknownDE closed this issue

2026-04-05 16:23:15 +02:00

Sign in to join this conversation.

Branches Tags

main

21455-sql-indexes-audit

21357-register-model-actions

feature

20924-plugin-ui-components

21766-improve-test-coverage-for-sortable-table-columns

21157-export-template-public-models

21025-pre-render-config-contexts

21364-swagger

feature-ip-prefix-link

20911-dropdown-3

fix_module_substitution

21160-filterset

20911-dropdown-2

20044-elevation-stuck-lightmode

7604-filter-modifiers-v3

20660-script-load

19724-graphql

14884-script

19720-macaddress-interface-generic-relation

fix-19669-api-image-download

7604-filter-modifiers

19275-fixes-interface-bulk-edit

fix-17794-get_field_value_return_list

11507-show-aggregate-and-rir-on-api

9583-add_column_specific_search_field_to_tables

No Label

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/netbox#230

Closes #21468: copy_safe_request() should retain non-sensitive HTTP request headers #230

Closes: #21468

Closes #21468: `copy_safe_request()` should retain non-sensitive HTTP request headers #230