We just released routing release 0.176.0 with features to enable compliance with the EU General Data Protection Regulation (GDPR).

- Operators can now configure a manifest property `router.disable_log_forwarded_for` to disable logging of X-Forwarded-For header in Gorouter logs. This is to comply with EU regulations that do not allow persisting personal data. Details here

- Operators can now configure a manifest property `router.disable_log_source_ip` to disable logging of source IP in Gorouter logs. This is to comply with EU regulations that do not allow persisting personal data. Details here

- We fixed an issue where Gorouter was not previously forwarding/settings the client certificate in the XFCC header when a request was being proxied through a route service. Gorouter now sets the XFCC header with the client certificate. See the manifest property `router.forwarded_client_cert` to understand the options available for forwarding a client certificate. Details here

Please let us know if you have any feedback and/or questions. Happy to help!

Regards, 

Shubha & Shannon 

Routing PMs