From dc19a614ce2c14948531ccc1018fbdfcc4b0960f Mon Sep 17 00:00:00 2001
From: Michael Kroes <michael@kroes.email>
Date: Tue, 19 Jul 2016 05:38:35 +0200
Subject: [PATCH 1/2] Strip HTTP_PROXY from requests to php-fpm and Flask

---
 conf/nginx-primaryonly.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/conf/nginx-primaryonly.conf b/conf/nginx-primaryonly.conf
index 55c80eba..0c2cb75a 100644
--- a/conf/nginx-primaryonly.conf
+++ b/conf/nginx-primaryonly.conf
@@ -6,6 +6,7 @@
 	location /admin/ {
 		proxy_pass http://127.0.0.1:10222/;
 		proxy_set_header X-Forwarded-For $remote_addr;
+		proxy_set_header Proxy "";
 		add_header X-Frame-Options "DENY";
 		add_header X-Content-Type-Options nosniff;
 		add_header Content-Security-Policy "frame-ancestors 'none';";
@@ -38,6 +39,7 @@
 		fastcgi_param PATH_INFO $3;
 		fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
 		fastcgi_param MOD_X_ACCEL_REDIRECT_PREFIX /owncloud-xaccel;
+		fastcgi_param HTTP_PROXY  "";
 		fastcgi_read_timeout 630;
 		fastcgi_pass php-fpm;
 		error_page 403 /cloud/core/templates/403.php;
@@ -57,6 +59,7 @@
 		# Z-Push doesn't like getting a redirect, and a plain rewrite didn't work either.
 		# Properly proxying like this seems to work fine.
 		proxy_pass https://127.0.0.1/cloud/remote.php/$1;
+		proxy_set_header Proxy "";
 	}
 	rewrite ^/.well-known/host-meta /cloud/public.php?service=host-meta last;
 	rewrite ^/.well-known/host-meta.json /cloud/public.php?service=host-meta-json last;

From 46627f98ef26d715f4cfcba976d55bdfc523a812 Mon Sep 17 00:00:00 2001
From: Michael Kroes <michael@kroes.email>
Date: Tue, 19 Jul 2016 07:45:03 +0200
Subject: [PATCH 2/2] Remove HTTP_PROXY from mail and zpush

---
 conf/nginx-alldomains.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/conf/nginx-alldomains.conf b/conf/nginx-alldomains.conf
index 995745e4..16c30106 100644
--- a/conf/nginx-alldomains.conf
+++ b/conf/nginx-alldomains.conf
@@ -36,6 +36,7 @@
 		fastcgi_split_path_info ^/mail(/.*)()$;
 		fastcgi_index index.php;
 		fastcgi_param SCRIPT_FILENAME /usr/local/lib/roundcubemail/$fastcgi_script_name;
+		fastcgi_param HTTP_PROXY  "";
 		fastcgi_pass php-fpm;
 
 		# Outgoing mail also goes through this endpoint, so increase the maximum
@@ -48,6 +49,7 @@
 		include /etc/nginx/fastcgi_params;
 		fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/index.php;
 		fastcgi_param PHP_VALUE "include_path=.:/usr/share/php:/usr/share/pear:/usr/share/awl/inc";
+		fastcgi_param HTTP_PROXY  "";
 		fastcgi_read_timeout 630;
 		fastcgi_pass php-fpm;
 
@@ -59,6 +61,7 @@
 		include fastcgi_params;
 		fastcgi_param SCRIPT_FILENAME /usr/local/lib/z-push/autodiscover/autodiscover.php;
 		fastcgi_param PHP_VALUE "include_path=.:/usr/share/php:/usr/share/pear:/usr/share/awl/inc";
+		fastcgi_param HTTP_PROXY  "";
 		fastcgi_pass php-fpm;
 	}