Gateway leaks x-goog- headers when running on Google Storage Engine

[dekobon]

When using Google Storage Engine, the gateway fails to strip Google-specific headers from the response and thereby potentially leaks metadata about the object and bucket.

For example:

Server: nginx
Date: Thu, 03 Nov 2022 22:08:51 GMT
Content-Type: text/plain
Content-Length: 2132
Connection: keep-alive
X-GUploader-UploadID: ADPycdt0MrPnE__VwGIJ4k7a0XvuYOk6fel0l5WLn1mgo97NQnKsnrxY6hq85PCW64L6xJ2n_D7CgAI1Za3p9eKh4hru7A
Cache-Control: public
Expires: Thu, 03 Nov 2022 22:08:14 GMT
Last-Modified: Thu, 03 Nov 2022 21:57:33 GMT
ETag: "7d59bff32f153073ff8e8a461cb4979b"
x-goog-generation: 1667512653610340
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2132
x-goog-hash: crc32c=0AaUeg==
x-goog-hash: md5=fVm/8y8VMHP/jopGHLSXmw==
x-goog-storage-class: STANDARD
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: bytes

[dekobon]

With the commit 3052946, one can now add a list of headers to strip from responses. To strip out the Google specific headers, one can now do:

HEADER_PREFIXES_TO_STRIP=x-goog-;x-guploader-uploadid