Mirroristas/bigchaindb
2
0
Fork 0
mirror of https://github.com/bigchaindb/bigchaindb.git synced 2024-10-13 13:34:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix getstarted undefined referrer issue with IPDB (#1866)

Browse Source 
Skip Referer check on preflight request (OPTIONS) and set Referrer-Policy to origin-when-cross-origin in response to OPTIONS request. Once Referrer-Policy is set on the subsequent POST request referrer is set by the browser to expected value.
This commit is contained in:
Shahbaz Nazir
2017-11-17 20:35:57 +01:00
committed by GitHub
parent f53eb1e3e7
commit bc4f8fcab5
4 changed files with 19 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
k8s/nginx-https-web-proxy/container/docker_build_and_push.bash
View File

@@ -1,5 +1,5 @@
#!/bin/bash
docker build -t bigchaindb/nginx-https-web-proxy:0.10 .
docker build -t bigchaindb/nginx-https-web-proxy:0.12 .
docker push bigchaindb/nginx-https-web-proxy:0.10
docker push bigchaindb/nginx-https-web-proxy:0.12

13
k8s/nginx-https-web-proxy/container/nginx.conf.template
View File

@@ -90,12 +90,6 @@ http {
end
}
# check if the request originated from the required web page
# use referer header.
if ($http_referer !~ "PROXY_EXPECTED_REFERER_HEADER" ) {
return 403 'Unknown referer';
}
# check if the request has the expected origin header
if ($http_origin !~ "PROXY_EXPECTED_ORIGIN_HEADER" ) {
return 403 'Unknown origin';
@@ -108,9 +102,16 @@ http {
add_header 'Access-Control-Max-Age' 43200;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
add_header 'Referrer-Policy' "PROXY_REFERRER_POLICY";
return 204;
}
# check if the request originated from the required web page
# use referer header.
if ($http_referer !~ "PROXY_EXPECTED_REFERER_HEADER" ) {
return 403 'Unknown referer';
}
# No auth for GETs, forward directly to BDB.
if ($request_method = GET) {
proxy_pass http://$bdb_backend:BIGCHAINDB_API_PORT;