Skip to Content
Mastering Spring Cloud
book

Mastering Spring Cloud

by Piotr Mińkowski
April 2018
Intermediate to advanced content levelIntermediate to advanced
432 pages
10h 38m
English
Packt Publishing
Content preview from Mastering Spring Cloud

Secure headers

You may be a little surprised if you set, for example, the Authorization HTTP header in the request and it isn't forwarded to the downstream service. This is because Zuul defines a default list of sensitive headers, which are removed during the routing process. These are the headers Cookie, Set-Cookie, and Authorization. This feature has been designed with a view to communicate with external servers. While there is no objection to sharing headers between services in the same system, it is not recommended to share them with external servers for security reasons. This approach may be customized by overriding default values for the sensitiveHeaders property. It may be set globally for all routes or just for a single route. The ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Microservices with Spring Boot and Spring Cloud - Second Edition

Microservices with Spring Boot and Spring Cloud - Second Edition

Magnus Larsson

Publisher Resources

ISBN: 9781788475433Supplemental Content