[6.x][Reporting] Blacklist Transfer-Encoding HTTP header for PDF report generation. (#20763)

x-pack/plugins/reporting/export_types/printable_pdf/server/execute_job/index.js

@@ -20,6 +20,10 @@ const KBN_SCREENSHOT_HEADER_BLACKLIST = [
   'content-type',
   'host',
   'referer',
+  // `Transfer-Encoding` is hop-by-hop header that is meaningful
+  // only for a single transport-level connection, and shouldn't
+  // be stored by caches or forwarded by proxies.
+  'transfer-encoding',
 ];
 
 function executeJobFn(server) {

x-pack/plugins/reporting/export_types/printable_pdf/server/execute_job/index.test.js

@@ -10,12 +10,7 @@ import { cryptoFactory } from '../../../../server/lib/crypto';
 import { executeJobFactory } from './index';
 import { generatePdfObservableFactory } from '../lib/generate_pdf';
 
-jest.mock('../lib/generate_pdf', () => {
-  const generatePdfObservable = jest.fn();
-  return {
-    generatePdfObservableFactory: jest.fn().mockReturnValue(generatePdfObservable)
-  };
-});
+jest.mock('../lib/generate_pdf', () => ({ generatePdfObservableFactory: jest.fn() }));
 
 const cancellationToken = {
   on: jest.fn()
@@ -50,8 +45,12 @@ beforeEach(() => {
       'server.basePath': ''
     }[key];
   });
+
+  generatePdfObservableFactory.mockReturnValue(jest.fn());
 });
 
+afterEach(() => generatePdfObservableFactory.mockReset());
+
 const encryptHeaders = async (headers) => {
   const crypto = cryptoFactory(mockServer);
   return await crypto.encrypt(headers);
@@ -90,6 +89,7 @@ test(`omits blacklisted headers`, async () => {
     'content-length': '',
     'content-type': '',
     'host': '',
+    'transfer-encoding': '',
   };
 
   const encryptedHeaders = await encryptHeaders({