[
https://issues.apache.org/jira/browse/NIFI-4761?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16332628#comment-16332628
]
ASF subversion and git services commented on NIFI-4761:
-------------------------------------------------------
Commit e3c661daac69cdb2de43c3d66d9ed1ccc9c8dbc6 in nifi's branch
refs/heads/master from [~mcgilman]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=e3c661d ]
NIFI-4761 Fixing test case regression.
This closes #2418.
Signed-off-by: Andy LoPresto <[email protected]>
> Allow whitelisting expected Host values
> ---------------------------------------
>
> Key: NIFI-4761
> URL: https://issues.apache.org/jira/browse/NIFI-4761
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.5.0
> Reporter: Matt Gilman
> Assignee: Andy LoPresto
> Priority: Major
> Labels: configuration, header, host, security
>
> NiFi has been updated to only accept requests where the Host header contains
> an expected value. Currently, the expected values are driven by the .host
> properties in nifi.properties. When running behind a proxy, the value may be
> the proxy host if the headers simply pass through. In this scenario, we
> should offer the ability to whitelist values in case updating the proxy
> configuration isn't possible.
> Also, the proxy documentation in the admin guide should be updated to include
> details regarding the Host name whitelisting. Also, should verify the context
> path whitelisting is documented there.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
