From c809ef29b2ddb9fcaea342457dd513ec42b80e43 Mon Sep 17 00:00:00 2001
From: Tommy
Date: Fri, 3 Jan 2025 06:15:48 -0700
Subject: [PATCH] Block dangerous X headers

---
 etc/nginx/snippets/proxy.conf | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/etc/nginx/snippets/proxy.conf b/etc/nginx/snippets/proxy.conf
index 1dc108b..2ea7ce3 100644
--- a/etc/nginx/snippets/proxy.conf
+++ b/etc/nginx/snippets/proxy.conf
@@ -10,11 +10,6 @@ proxy_set_header Early-Data $ssl_early_data;
 # Restore visitor IP
 proxy_set_header X-Real-IP $remote_addr;
 
-# Restore original method & URL
-proxy_set_header X-Original-Method $request_method;
-proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
-proxy_set_header X-Original-URI $request_uri;
-
 # Forward host header
 proxy_set_header Host $host;
 
@@ -31,3 +26,14 @@ proxy_set_header X-Forwarded-Port $server_port;
 
 # Hide X-Powered-By
 proxy_hide_header X-Powered-By;
+
+# CVE-2018-14773
+proxy_set_header X-Original-URL "";
+proxy_set_header X-Rewrite-URL "";
+
+# Not the CVE, but is extremely similar
+proxy_set_header X-Original-URI "";
+
+# Potentially dangerous: https://github.com/oauth2-proxy/oauth2-proxy/issues/735
+proxy_set_header X-Original-Method "";
+proxy_set_header X-Forwarded-Method "";
\ No newline at end of file
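Review bot: The new blanking directives at the end of the second hunk only take effect where no other `proxy_set_header` is declared at a more specific level, because nginx inherits `proxy_set_header` directives from the enclosing level only when the current level defines none; a `location` that includes this snippet and then adds its own `proxy_set_header` silently drops every one of these strips along with the X-Real-IP and Host settings. A comment above the new block would record that, e.g. `# NOTE: proxy_set_header is inherited as a set; a location that declares its own proxy_set_header loses these strips unless it re-includes this snippet`. It would also help to state why an empty value is used, since readers may assume an empty header is forwarded: `# An empty value makes nginx omit the header from the proxied request rather than forward it empty`. If any backend or auth handler relied on the X-Original-URL/X-Original-Method values the first hunk stops sending, that dependency is presumably addressed elsewhere; it is not visible here. The file also loses its trailing newline, per the `\ No newline at end of file` marker.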