Thank you so much Eric and Tom. We do not use warn-date in the response header. I added that. Still header 'Warning' missing.
HTTP/1.1 200 OK Date: Fri, 07 Sep 2012 06:49:39 GMT Server: Apache-Coyote/1.1 Accept: application/json Content-Length: 468 Content-Type: application/json warn-date: 2012-11-05T08:15:30-05:00 Warning1: This API has been deprecated and may not be supported after 2012-11-05T08:15:30-05:00 Thinking if the date at the end of warning message can be the issue, I removed that still warning is filtered. Thanks, Anoop On Thu, Sep 6, 2012 at 8:15 PM, Tom Evans <tevans...@googlemail.com> wrote: > On Thu, Sep 6, 2012 at 12:27 PM, Eric Covener <cove...@gmail.com> wrote: > > On Thu, Sep 6, 2012 at 6:59 AM, Anoop L <anpl1...@gmail.com> wrote: > >> Hi All, > >> > >> We use HTTPD 2.2.17 with Mod_ssl and Mod_proxy in front of HA_proxy to > >> terminate https. > >> > >> When the backend sends http header named 'Warning' HTTPD removes that > from > >> response sent to client. I tried adding a customer header value named > >> 'Warning1' and client gets that value in response. Any idea why Apache > >> filters 'Warning' header is it a bug or related to security. > >> > >> Any help would be appreciated. > > > > It looks like mod_proxy filters warnings that have a date in the > > warning that doesn't match the backend Date: header. > > > > As required by the RFC: > > http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.46 > > (Final paragraph in that section) > > Cheers > > Tom > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
