shreemaan-abhishek opened a new pull request, #13642: URL: https://github.com/apache/apisix/pull/13642
### Description When `forward-auth` is configured with `request_method: POST`, the plugin buffers the client request body and re-sends it as a whole to the auth service. However it also copied the client's `Transfer-Encoding`, `Content-Length` and `Expect` headers verbatim into the auth request. Once the body has been read it is de-chunked and buffered, so those framing headers no longer describe the bytes actually sent. In particular, a client using `Transfer-Encoding: chunked` caused the auth service to receive a `Transfer-Encoding: chunked` request whose body was not chunk-framed, leaving the auth request internally inconsistent. These framing headers were originally added when the body was streamed to the auth service via a body reader (#10589). That streaming path was later reverted to a buffered body (#12404), but the header copy was left behind and no longer matches the buffered send. This change keeps only `Content-Encoding` (which still applies to the buffered bytes, since nginx does not decode request content-encoding) and lets the HTTP client set a fresh, correct `Content-Length` for the buffered body. `Transfer-Encoding`, `Content-Length` and `Expect` are no longer forwarded from the client on the POST path. #### Which issue(s) this PR fixes: Fixes # ### Checklist - [x] I have explained the need for this PR and the problem it solves - [x] I have explained the changes or the new features added to this PR - [x] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [x] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
