Dimitri Huisman
|
25b9db4b00
|
Proxy endpoint was checking real client ip instead of proxy ip
for validating PROXY_AUTH_WHITELIST
|
2 years ago |
Florent Daigniere
|
698f1f377c
|
Check https://attackshipsonfi.re/p/exploiting-cors-misconfigurations out
|
2 years ago |
Florent Daigniere
|
8eb1542f64
|
Paranoia: drop the headers we don't use
|
2 years ago |
Florent Daigniere
|
394c2fe22c
|
Document REAL_IP_HEADER and REAL_IP_FROM
Fix a security vulnerability whereby we were not clearing other headers
|
3 years ago |
Florent Daigniere
|
6bba0cecfc
|
Strip the Forwarded header since nothing is compatible with it yet
|
3 years ago |
Thomas Sänger
|
2c7d1d2f71
|
use HTTP/1.1 for proxyied connections
|
5 years ago |
kaiyou
|
04278b6cbf
|
Pass the full host to the backend, fixes #372
|
7 years ago |
kaiyou
|
2dfc91ac4d
|
Use a map for passing x-forwarded-proto along
|
7 years ago |
kaiyou
|
a4f46ced49
|
Properly use x-forwarded-proto with redirects in the webui, related to #347
|
7 years ago |