Uploaded image for project: 'Mender'
  1. Mender
  2. MEN-1287

Origin header validation

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Done
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:

      Description

      Having this https://tracker.mender.io/browse/MEN-1262, add section with Origin header validation to the production nginx.conf.

      Origin header is not required and validation should be performed only if the Origin header is present.

      It the Origin header is present and Origin != acutal domain, request should be rejected (400).

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                kjaskiewicz Krzysztof Jaśkiewicz
                Reporter:
                kjaskiewicz Krzysztof Jaśkiewicz
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Zendesk Support

                    Summary Panel