Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-1393

Update default whitelist derivation strategy

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.1.0
    • Fix Version/s: 1.1.0
    • Component/s: Server
    • Labels:
      None

      Description

      1. Attempt to determine the domain from the X-Forwarded-Host header value
      2. If domain could not be determined, attempt to determine the domain from the InetAddress.getLocalHost().getCanonicalHostName() value
      3. If domain could not be determined, attempt to determine the domain from the requested host name
      4. If the domain could be determined from any of these sources, then the default whitelist will be based on that domain
      5. If the domain cannot be determined
        a. If the requested host name is NOT a variant of localhost, then the whitelist will be restricted to that specific host name
        b. Otherwise, the localhost whitelist will be the default

        Attachments

          Activity

            People

            • Assignee:
              pzampino Philip Zampino
              Reporter:
              pzampino Philip Zampino
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: