TrueCloudLab/frostfs-s3-gw
17
3
Fork 20
Code Issues 29 Pull requests 9 Projects Releases 33 Packages 1 Activity Actions

[#562] Empty default value for TLS termination header param #575

Merged
alexvanin merged 1 commit from r.loginov/frostfs-s3-gw:fix/562-use_empty_default_value_for_tls_termination_header into master 2024-12-13 11:12:58 +00:00
Conversation 0 Commits 1 Files changed 5 +35 -27

1 commit

Author SHA1 Message Date
Roman Loginov
b83e6e1258 [#562] Empty default value for TLS termination header param
All checks were successful
/ DCO (pull_request) Successful in 2m58s
Details
/ Vulncheck (pull_request) Successful in 3m4s
Details
/ Builds (pull_request) Successful in 1m43s
Details
/ Lint (pull_request) Successful in 2m38s
Details
/ Tests (pull_request) Successful in 2m13s
Details 
If the service is accessed not through a proxy and the
default value of the parameter with the header key is
not empty, then the system administrator does not
control disabling TLS verification in any way, because
the client can simply add a known header, thereby
skipping the verification. Therefore, the default value
of the header parameter is made empty. If it is empty,
then TLS verification cannot be disabled in any way.
Thus, the system administrator will be able to control
the enabling/disabling of TLS.

Signed-off-by: Roman Loginov <r.loginov@yadro.com>
 2024-12-12 10:11:22 +03:00