You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2021/05/16 09:59:33 UTC
[GitHub] [apisix-dashboard] starsz commented on a change in pull request #1894: fix: restrict host and path of debugging URL
starsz commented on a change in pull request #1894:
URL: https://github.com/apache/apisix-dashboard/pull/1894#discussion_r633070535
##########
File path: api/internal/handler/route_online_debug/route_online_debug.go
##########
@@ -92,12 +108,60 @@ func (h *Handler) DebugRequestForwarding(c droplet.Context) (interface{}, error)
type HTTPProtocolSupport struct {
}
+func checkHost(host string) error {
+ if len(conf.Gateways) < 1 {
+ return errors.New("host list of APISIX gateways not configured")
+ }
+ for _, gatewayHost := range conf.Gateways {
+ if host == gatewayHost {
+ return nil
+ }
+ }
Review comment:
Move the `inArray` in `ssl.go` to `utils.go` and use it.
##########
File path: api/internal/handler/tool/tool.go
##########
@@ -109,3 +111,7 @@ func (h *Handler) VersionMatch(c droplet.Context) (interface{}, error) {
return &output, nil
}
+
+func (h *Handler) Gateways(_ droplet.Context) (interface{}, error) {
+ return conf.Gateways, nil
Review comment:
Miss e2e test to test it?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org