TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-05-21 09:48:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
tailscale/cmd/proxy-to-grafana
History
Patrick O'Doherty 336b3b7df0
cmd/proxy-to-grafana: strip X-Webauth* headers from all requests (#15985) 
Update proxy-to-grafana to strip any X-Webauth prefixed headers passed
by the client in *every* request, not just those to /login.

/api/ routes will also accept these headers to authenticate users,
necessitating their removal to prevent forgery.

Updates tailscale/corp#28687

Signed-off-by: Patrick O'Doherty <patrick@tailscale.com>
2025-05-15 14:26:19 -07:00
..
proxy-to-grafana_test.go
cmd/proxy-to-grafana: strip X-Webauth* headers from all requests (#15985)
2025-05-15 14:26:19 -07:00
proxy-to-grafana.go
cmd/proxy-to-grafana: strip X-Webauth* headers from all requests (#15985)
2025-05-15 14:26:19 -07:00