  1. Felix
  2. FELIX-6133

HC ServiceUnavailableFilter should not include execution result by default

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: healthcheck.core 2.0.6
    • Fix Version/s: healthcheck.core 2.0.8
    • Component/s: Health Checks
    • Labels:
      None

      Description

      Currently the execution result is included by default in 503 responses. To follow the principle "Security by default" and not give away any information to a potential attacker, the default should be false.

      NOTE: For many cases a value includeExecutionResult=true is fine because 503 responses from a backend never reach an untrusted zone (e.g. Felix runs as a backend server and a LB decides to not take the backend into account upon 503 responses; having the execution result in the response is not harmful then but useful for analysis purposes).

            People

            • Assignee:
              henzlerg Georg Henzler
              Reporter:
              henzlerg Georg Henzler