#89 remove all but the explicitely allowed headers

[Klaus Darilion]

This is useful if the proxy does not know which headers an upstream element will interpret and thus can't remove/screen this potential dangerous headers:
see also http://lists.openser.org/pipermail/users/2007-November/014437.html

Klaus Darilion writes:

> Maybe we need a remove_hf_except() function to strip all not explicitly
> allowed headers:
>
> remove_hf_except("From|To|Via|Record-Route|Contact|PAI|CSeq|???????")
>
> or something similar in result.

sounds like a good idea.

-- juha

[Klaus Darilion]

Logged In: YES
user_id=1318360
Originator: YES

related with http://tracker.iptel.org/browse/SER-340