Hey,
It would be great to be able to add response headers to any response served. I would suggest something similar to the add_request_headers in the mappings, but add_response_headers.
It would also be useful be be able to specify them globally (including requests that don't match a mapping).
Also somewhat related - I don't see a way to remove headers from the response.
For example:
header | value
-- | --
server | envoy
x-envoy-upstream-service-time | 1
These headers are added by Ambassador and I don't want to expose them outside
This would be useful for security headers such as:
Strict-Transport-Security "max-age=31536000;"
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
Props to @n1koo for doing this! :smile:
Fixed in #1078 (which is actually @n1koo's code even though I created it).
Most helpful comment
Also somewhat related - I don't see a way to remove headers from the response.
For example:
header | value
-- | --
server | envoy
x-envoy-upstream-service-time | 1
These headers are added by Ambassador and I don't want to expose them outside