diff --git a/content/en/docs/tasks/security/authorization/authz-custom/index.md b/content/en/docs/tasks/security/authorization/authz-custom/index.md index bc863b54a3..0c02278de6 100644 --- a/content/en/docs/tasks/security/authorization/authz-custom/index.md +++ b/content/en/docs/tasks/security/authorization/authz-custom/index.md @@ -143,6 +143,7 @@ allows requests with the header `x-ext-authz: allow`. port: "4180" # The default port used by oauth2-proxy. includeRequestHeadersInCheck: ["authorization", "cookie"] # headers sent to the oauth2-proxy in the check request. headersToUpstreamOnAllow: ["authorization", "path", "x-auth-request-user", "x-auth-request-email", "x-auth-request-access-token"] # headers sent to backend application when request is allowed. + headersToDownstreamOnAllow: ["content-type", "set-cookie"] # headers sent back to the client when request is allowed. headersToDownstreamOnDeny: ["content-type", "set-cookie"] # headers sent back to the client when request is denied. {{< /text >}} diff --git a/content/en/docs/tasks/security/authorization/authz-custom/snips.sh b/content/en/docs/tasks/security/authorization/authz-custom/snips.sh index 3583977a0c..de7f68c548 100644 --- a/content/en/docs/tasks/security/authorization/authz-custom/snips.sh +++ b/content/en/docs/tasks/security/authorization/authz-custom/snips.sh @@ -100,6 +100,7 @@ data: port: "4180" # The default port used by oauth2-proxy. includeRequestHeadersInCheck: ["authorization", "cookie"] # headers sent to the oauth2-proxy in the check request. headersToUpstreamOnAllow: ["authorization", "path", "x-auth-request-user", "x-auth-request-email", "x-auth-request-access-token"] # headers sent to backend application when request is allowed. + headersToDownstreamOnAllow: ["content-type", "set-cookie"] # headers sent back to the client when request is allowed. headersToDownstreamOnDeny: ["content-type", "set-cookie"] # headers sent back to the client when request is denied. ENDSNIP