Merge ~hloeung/content-cache-charm:nginx-config into content-cache-charm:master
Proposed by
Haw Loeung
Status: | Merged |
---|---|
Approved by: | Haw Loeung |
Approved revision: | ff185866ce85b9c99da9712c502eea59311dbdfa |
Merged at revision: | 9f064cb7f4b29edf9f2a344574288cd7b8dd703a |
Proposed branch: | ~hloeung/content-cache-charm:nginx-config |
Merge into: | content-cache-charm:master |
Diff against target: |
230 lines (+84/-0) 12 files modified
templates/nginx_cfg.tmpl (+6/-0) tests/unit/files/nginx_config_rendered_test_output-basic_site.txt (+6/-0) tests/unit/files/nginx_config_rendered_test_output-site1.local-secrets.txt (+6/-0) tests/unit/files/nginx_config_rendered_test_output-site1.local.txt (+6/-0) tests/unit/files/nginx_config_rendered_test_output-site2.local.txt (+6/-0) tests/unit/files/nginx_config_rendered_test_output-site3.local.txt (+6/-0) tests/unit/files/nginx_config_rendered_test_output-site5.txt (+12/-0) tests/unit/files/nginx_config_rendered_test_output-site6.local.txt (+6/-0) tests/unit/files/nginx_config_rendered_test_output-site7.local.txt (+6/-0) tests/unit/files/nginx_config_rendered_test_output-site8.local.txt (+12/-0) tests/unit/files/nginx_config_rendered_test_output-site9.local.txt (+6/-0) tests/unit/files/nginx_config_rendered_test_output-token_site.txt (+6/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Junien F | Approve | ||
Haw Loeung | Needs Resubmitting | ||
Joel Sing (community) | +1 | Approve | |
Review via email: mp+383187@code.launchpad.net |
Commit message
Strip or remove 'Forwarded' header to avoid cache poisoning
Description of the change
This can happen when backends uses the forward headers (X-Forward-For
and Forwarded) and prefer Forwarded over X-Forward-For.
e.g. Kubernetes with use-forwarded-
Also blacklist X-Forwarded-Host, X-Forwarded-Port, and
X-Forwarded-Scheme just to be super safe.
To post a comment you must log in.
This merge proposal is being monitored by mergebot. Change the status to Approved to merge.