Ensure "controlled" headers are never pulled from the request.

git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/branches/REL_2@2865 cb58f699-b61c-0410-a6fe-9272a202ed29

diff --git a/fastcgi/shibauthorizer.cpp b/fastcgi/shibauthorizer.cpp
index db51ad1..9f07de6 100644 (file)
--- a/fastcgi/shibauthorizer.cpp
+++ b/fastcgi/shibauthorizer.cpp
@@ -63,6 +63,7 @@ class ShibTargetFCGIAuth : public AbstractSPRequest
     FCGX_Request* m_req;\r
     int m_port;\r
     string m_scheme,m_hostname;\r
+    set<string> m_cleared_headers;\r
     multimap<string,string> m_response_headers;\r
 public:\r
     map<string,string> m_request_headers;\r
@@ -124,7 +125,8 @@ public:
             cerr << "shib: " << msg;\r
     }\r
     void clearHeader(const char* rawname, const char* cginame) {\r
-        // no need, since request headers turn into actual environment variables\r
+        // Need to save off the name to prevent access to the header later.\r
+        m_cleared_headers.insert(rawname);\r
     }\r
     void setHeader(const char* name, const char* value) {\r
         if (value)\r
@@ -137,7 +139,11 @@ public:
         map<string,string>::const_iterator i = m_request_headers.find(name);\r
         if (i != m_request_headers.end())\r
             return i->second;\r
-        // Nothing set locally, so try the request.\r
+        // If not in the local set, see if it's a "controlled" header by\r
+        // checking the cleared list.\r
+        if (m_cleared_headers.count(name) > 0)\r
+            return "";\r
+        // Nothing set locally and it's safe, so try the request.\r
         string hdr("HTTP_");\r
         for (; *name; ++name) {\r
             if (*name=='-')\r