From b11ff4e5989af5747ad6254c6c4705683875f745 Mon Sep 17 00:00:00 2001
From: Bastian Gruber <foreach@me.com>
Date: Thu, 17 Jul 2025 11:01:21 -0300
Subject: [PATCH] Remove not needed suspicous headers check

---
 Cargo.lock                 |  2 +-
 Cargo.toml                 |  2 +-
 src/middleware/security.rs | 10 ----------
 3 files changed, 2 insertions(+), 12 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 2badf48..dbc4767 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1785,7 +1785,7 @@ dependencies = [
 
 [[package]]
 name = "ohttp-gateway"
-version = "0.1.0"
+version = "0.1.1"
 dependencies = [
  "anyhow",
  "axum",
diff --git a/Cargo.toml b/Cargo.toml
index 1b32f0b..5600513 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 authors = ["Bastian Gruber <foreach@me.com>"]
-version = "0.1.0"
+version = "0.1.1"
 edition = "2024"
 name = "ohttp-gateway"
 categories = ["web-programming", "web-programming::http-server"]
diff --git a/src/middleware/security.rs b/src/middleware/security.rs
index e8df80d..60fa017 100644
--- a/src/middleware/security.rs
+++ b/src/middleware/security.rs
@@ -174,15 +174,5 @@ pub async fn request_validation_middleware(
         }
     }
 
-    // Check for suspicious headers that might indicate attacks
-    const SUSPICIOUS_HEADERS: &[&str] = &["x-forwarded-host", "x-original-url", "x-rewrite-url"];
-
-    for header_name in SUSPICIOUS_HEADERS {
-        if headers.contains_key(*header_name) {
-            warn!("Request contains suspicious header: {}", header_name);
-            return Err(StatusCode::BAD_REQUEST);
-        }
-    }
-
     Ok(next.run(request).await)
 }