From 003ff0258f0fbcbe930e41b84df038eb06dac25b Mon Sep 17 00:00:00 2001
From: Magnus Dahl Eide <magnus@dahleide.com>
Date: Thu, 28 Aug 2025 21:06:36 +0200
Subject: [PATCH 1/2] fix(express-dev): Disable x-powered-by header

---
 examples/app-router/app/api/isr/route.ts              | 11 +++++++----
 .../open-next/src/overrides/wrappers/express-dev.ts   |  3 +++
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/examples/app-router/app/api/isr/route.ts b/examples/app-router/app/api/isr/route.ts
index e14cdfe0d..d86a5996e 100644
--- a/examples/app-router/app/api/isr/route.ts
+++ b/examples/app-router/app/api/isr/route.ts
@@ -15,10 +15,13 @@ export async function GET(request: NextRequest) {
   const manifest = JSON.parse(prerenderManifest);
   const previewId = manifest.preview.previewModeId;
 
-  const result = await fetch(`https://${request.headers.get("host")}/isr`, {
-    headers: { "x-prerender-revalidate": previewId },
-    method: "HEAD",
-  });
+  const result = await fetch(
+    `${request.headers.get("x-forwarded-proto") ?? "https"}://${request.headers.get("host")}/isr`,
+    {
+      headers: { "x-prerender-revalidate": previewId },
+      method: "HEAD",
+    },
+  );
 
   return NextResponse.json({
     status: 200,
diff --git a/packages/open-next/src/overrides/wrappers/express-dev.ts b/packages/open-next/src/overrides/wrappers/express-dev.ts
index 4cc32da8f..ba5906b3a 100644
--- a/packages/open-next/src/overrides/wrappers/express-dev.ts
+++ b/packages/open-next/src/overrides/wrappers/express-dev.ts
@@ -8,6 +8,9 @@ import { getMonorepoRelativePath } from "utils/normalize-path";
 
 const wrapper: WrapperHandler = async (handler, converter) => {
   const app = express();
+  // We disable this cause we wanna use it ourself
+  // https://stackoverflow.com/a/13055495/16587222
+  app.disable("x-powered-by");
   // To serve static assets
   const basePath = NextConfig.basePath ?? "";
   app.use(

From 6baaee49aea3fb690d98023a9f8524ad510ab76e Mon Sep 17 00:00:00 2001
From: Magnus Dahl Eide <magnus@dahleide.com>
Date: Thu, 28 Aug 2025 21:24:23 +0200
Subject: [PATCH 2/2] changeset

---
 .changeset/tame-seas-raise.md | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 .changeset/tame-seas-raise.md

diff --git a/.changeset/tame-seas-raise.md b/.changeset/tame-seas-raise.md
new file mode 100644
index 000000000..40d3fe0c0
--- /dev/null
+++ b/.changeset/tame-seas-raise.md
@@ -0,0 +1,5 @@
+---
+"@opennextjs/aws": patch
+---
+
+fix(express-dev): Disable x-powered-by header