pub-solar/infra
6
1
Fork 3
Code Issues 23 Pull requests 10 Actions Packages Projects 1 Releases Wiki Activity

Fix keycloak X-Forwarded-* header warning #241

New issue
Open
opened 2024-10-17 20:13:27 +00:00 by teutat3s · 0 comments
teutat3s commented 2024-10-17 20:13:27 +00:00
Owner
Copy link
WARN  [io.quarkus.vertx.http.runtime.VertxHttpRecorder] (main) The X-Forwarded-* and Forwarded headers will be considered when determining the proxy address. This configuration can cause a security issue as clients can forge requests and send a forwarded header that is not overwritten by the proxy. Please consider use one of these headers just to forward the proxy address in requests.
``` WARN [io.quarkus.vertx.http.runtime.VertxHttpRecorder] (main) The X-Forwarded-* and Forwarded headers will be considered when determining the proxy address. This configuration can cause a security issue as clients can forge requests and send a forwarded header that is not overwritten by the proxy. Please consider use one of these headers just to forward the proxy address in requests. ```
teutat3s added the
Security
 label 2024-10-17 21:31:46 +00:00
teutat3s added this to the Hakken Autumn 03-2024 project 2024-10-21 08:58:47 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
element-call
per-admin-user
matrix-rendezvous-server
ssl-cert-warning
feat/automated-account-deletion
feat/matrix-moderation-draupnir
nginx-maintenance
feat/matrix-moderation
fix/use-nix-firewall-nat-feature-for-forgejo-redirect
feat/loomio
feat/matrix-hookshot
feat/libreddit
feat/invidious
No results found.
Labels
Clear labels   
Bug

   
Docs

   
Feature request

   
Good for newcomers

   
Infra

   
Privacy

   
Refactoring or migration

   
Security
No labels
Bug
Docs
Feature request
Good for newcomers
Infra
Privacy
Refactoring or migration
Security
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Hakken Autumn 03-2024
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: pub-solar/infra#241
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?