You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Leif Hedstrom (JIRA)" <ji...@apache.org> on 2015/12/16 08:30:46 UTC

[jira] [Updated] (TS-3904) Add basic access control to the xdebug plugin

     [ https://issues.apache.org/jira/browse/TS-3904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Leif Hedstrom updated TS-3904:
------------------------------
    Fix Version/s:     (was: 6.1.0)
                   6.2.0

> Add basic access control to the xdebug plugin
> ---------------------------------------------
>
>                 Key: TS-3904
>                 URL: https://issues.apache.org/jira/browse/TS-3904
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: Plugins
>            Reporter: Leif Hedstrom
>            Assignee: Leif Hedstrom
>             Fix For: 6.2.0
>
>
> It'd be useful to limit access to XDebug information based on client IP. E.g.
> {code}
>    --allow=69/8 --allow=10/8 --allow=192.168/16
> {code}
> As an alternative, we could add this to header_rewrite, such that if the X-Debug header is in the client request, we deny the request based on the IP.  The configuration for this could get complex though (maybe header_rewrite needs an ACL operator).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)