Skip to content
Snippets Groups Projects
Commit f41f9d25 authored by Andre Zoledziowski's avatar Andre Zoledziowski Committed by Jairo Llopis
Browse files

Fixed possible security problem.

parent eddf7b2a
Branches
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 1 addition and 1 deletion
haproxy.cfg
+ 1
1
View file @ f41f9d25
...@@ -42,7 +42,7 @@ backend dockerbackend ...@@ -42,7 +42,7 @@ backend dockerbackend
frontend dockerfrontend frontend dockerfrontend
bind :2375 bind :2375
http-request deny unless METH_GET || { env(POST) -m bool } http-request deny unless METH_GET || { env(POST) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[^/]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool } http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } { env(AUTH) -m bool } http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } { env(AUTH) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } { env(BUILD) -m bool } http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } { env(BUILD) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/commit } { env(COMMIT) -m bool } http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/commit } { env(COMMIT) -m bool }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment