Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-1393

Update default whitelist derivation strategy

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.1.0
    • 1.1.0
    • Server
    • None

    Description

      1. Attempt to determine the domain from the X-Forwarded-Host header value
      2. If domain could not be determined, attempt to determine the domain from the InetAddress.getLocalHost().getCanonicalHostName() value
      3. If domain could not be determined, attempt to determine the domain from the requested host name
      4. If the domain could be determined from any of these sources, then the default whitelist will be based on that domain
      5. If the domain cannot be determined
        a. If the requested host name is NOT a variant of localhost, then the whitelist will be restricted to that specific host name
        b. Otherwise, the localhost whitelist will be the default

      Attachments

        Activity

          People

            pzampino Philip Zampino
            pzampino Philip Zampino
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: