Uploaded image for project: 'Mender'
  1. Mender
  2. MEN-1287

Origin header validation

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Done
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:

      Description

      Having this https://tracker.mender.io/browse/MEN-1262, add section with Origin header validation to the production nginx.conf.

      Origin header is not required and validation should be performed only if the Origin header is present.

      It the Origin header is present and Origin != acutal domain, request should be rejected (400).

        Attachments

          Container Issues

            Issue Links

              Activity

                People

                • Assignee:
                  kjaskiewicz Krzysztof Jaśkiewicz
                  Reporter:
                  kjaskiewicz Krzysztof Jaśkiewicz
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Zendesk Support

                      Summary Panel