- void clearHeader(const char* name) {
- string hdr(!strcmp(name,"REMOTE_USER") ? "remote-user" : name);
+ void clearHeader(const char* rawname, const char* cginame) {
+ if (g_checkSpoofing) {
+ if (m_allhttp.empty())
+ GetServerVariable(m_pfc,"ALL_HTTP",m_allhttp,4096);
+ if (strstr(m_allhttp, cginame))
+ throw opensaml::SecurityPolicyException("Attempt to spoof header ($1) was detected.", params(1, rawname));
+ }
+ string hdr(!strcmp(rawname,"REMOTE_USER") ? "remote-user" : rawname);