mirrors
/
miniflux-v2
mirror of https://github.com/miniflux/v2.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,198 Commits 2 Branches 65 Tags 49 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
Frédéric Guillot b46b5dfb2a Use r.RemoteAddr to check /metrics endpoint network access 
HTTP headers like X-Forwarded-For or X-Real-Ip can be easily spoofed. As
such, it cannot be used to test if the client IP is allowed.

The recommendation is to use HTTP Basic authentication to protect the
metrics endpoint, or run Miniflux behind a trusted reverse-proxy.
 2023-03-11 20:53:12 -08:00
y0ast 05fd83bd6f add support for ipv6 with zone index 2021-02-07 15:57:40 -08:00
Frédéric Guillot 9f85f67031 Make sure the remote address is populated even when using unix socket 2018-11-11 16:42:30 -08:00
Frédéric Guillot 9d08139f43 Improve request package and add more unit tests 2018-09-23 21:02:26 -07:00