From 0809c78486ad332005584421d1d41ac84fe79f78 Mon Sep 17 00:00:00 2001
From: Noah Levitt <nlevitt@archive.org>
Date: Fri, 8 Apr 2016 23:26:20 -0700
Subject: [PATCH] add Strict-Transport-Security to list of http response
 headers to swallow, to avoid some problems with HSTS when browsing through
 warcprox (doesn't solve the case of preloaded HSTS though)

---
 setup.py              | 2 +-
 warcprox/warcproxy.py | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/setup.py b/setup.py
index 197b896..de82385 100755
--- a/setup.py
+++ b/setup.py
@@ -50,7 +50,7 @@ except:
     deps.append('futures')
 
 setuptools.setup(name='warcprox',
-        version='2.0.dev6',
+        version='2.0.dev7',
         description='WARC writing MITM HTTP/S proxy',
         url='https://github.com/internetarchive/warcprox',
         author='Noah Levitt',
diff --git a/warcprox/warcproxy.py b/warcprox/warcproxy.py
index c41d8e1..869ba5f 100644
--- a/warcprox/warcproxy.py
+++ b/warcprox/warcproxy.py
@@ -147,8 +147,10 @@ class ProxyingRecordingHTTPResponse(http_client.HTTPResponse):
 
         status_and_headers = 'HTTP/1.1 {} {}\r\n'.format(self.status, self.reason)
         for k,v in self.msg.items():
-            if k.lower() not in ('connection', 'proxy-connection', 'keep-alive',
-                    'proxy-authenticate', 'proxy-authorization', 'upgrade'):
+            if k.lower() not in (
+                    'connection', 'proxy-connection', 'keep-alive',
+                    'proxy-authenticate', 'proxy-authorization', 'upgrade',
+                    'strict-transport-security'):
                 status_and_headers += '{}: {}\r\n'.format(k, v)
         status_and_headers += 'Connection: close\r\n\r\n'
         self.proxy_dest.sendall(status_and_headers.encode('latin1'))