mirrors
/
miniflux-v2
mirror of https://github.com/miniflux/v2.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
miniflux-v2/service/httpd
History
Frédéric Guillot b46b5dfb2a Use r.RemoteAddr to check /metrics endpoint network access 
HTTP headers like X-Forwarded-For or X-Real-Ip can be easily spoofed. As
such, it cannot be used to test if the client IP is allowed.

The recommendation is to use HTTP Basic authentication to protect the
metrics endpoint, or run Miniflux behind a trusted reverse-proxy.
 		2023-03-11 20:53:12 -08:00
..
doc.go Fix some linter issues 2022-08-08 22:06:38 -07:00
httpd.go Use r.RemoteAddr to check /metrics endpoint network access 2023-03-11 20:53:12 -08:00
middleware.go Refactor config package 2019-06-02 06:30:08 -07:00