Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-22 23:09:41 +02:00
Code Issues Releases Activity

feat(csrf): add trusted origins cli flags [BE-11972] (#856)

Browse source 
Co-authored-by: oscarzhou <oscar.zhou@portainer.io>
Co-authored-by: andres-portainer <andres-portainer@users.noreply.github.com>
Co-authored-by: Malcolm Lockyer <segfault88@users.noreply.github.com>
This commit is contained in:
andres-portainer 2025-07-02 21:00:39 -03:00 committed by GitHub
parent d0e74d6ef4
commit d7794a06b3
9 changed files with 359 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

3
api/http/server.go
View file

@ -113,6 +113,7 @@ type Server struct {
PendingActionsService *pendingactions.PendingActionsService
PlatformService platform.Service
PullLimitCheckDisabled bool
TrustedOrigins []string
}
// Start starts the HTTP server
@ -336,7 +337,7 @@ func (server *Server) Start() error {
handler = middlewares.WithPanicLogger(middlewares.WithSlowRequestsLogger(handler))
handler, err := csrf.WithProtect(handler)
handler, err := csrf.WithProtect(handler, server.TrustedOrigins)
if err != nil {
return errors.Wrap(err, "failed to create CSRF middleware")
}