Perlbal::Plugin::TrustHeader - Remove untrusted headers
This module allows you to remove headers unless the client is trusted
You can configure headers to be checked based on each service declared, although the service role has to be set to web_server
For each header you want to check, you have to specify the header name and a list of netmasks to trust. Multiple netmasks are separated by white space
This module provides a Perlbal plugin wich can be loaded and used as follows
Load TrustHeader #TrustHeader <service_name> <header_name> <netmask_list> TrustHeader static X-SSL 10.0.0.0/8 CREATE SERVICE static SET ROLE = web_server SET plugins = TrustHeader ENABLE static
In this case for each response served by the Service static, the header X-SSL will be removed before the request is proxied to the backend unless the client is on the local private network
Service static
X-SSL
Graham Barr, <gbarr@pobox.com>
<gbarr@pobox.com>
You can find documentation for this module with the perldoc command.
perldoc Perlbal::Plugin::TrustHeader
You can also look for information at:
RT: CPAN's request tracker
http://rt.cpan.org/NoAuth/Bugs.html?Dist=Perlbal-Plugin-TrustHeader
AnnoCPAN: Annotated CPAN documentation
http://annocpan.org/dist/Perlbal-Plugin-TrustHeader
CPAN Ratings
http://cpanratings.perl.org/d/Perlbal-Plugin-TrustHeader
Search CPAN
http://search.cpan.org/dist/Perlbal-Plugin-TrustHeader/
Copyright 2009 Graham Barr
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install Perlbal::Plugin::TrustHeader, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Perlbal::Plugin::TrustHeader
CPAN shell
perl -MCPAN -e shell install Perlbal::Plugin::TrustHeader
For more information on module installation, please visit the detailed CPAN module installation guide.