Closed SandGrainOne closed 1 year ago
Analyse if we can use linkerd policies to allow/reject https://linkerd.io/2.12/reference/authorization-policy/
The idea right now is actually to remove the entry in the ingress to make the app unavailable outside AKS. Just need to reconfigure the apps using the service so that they can access it through an internal address.
Took a very quick look at the documentation from linkerd and it looks like there are no way of setting up a rule based on the request body. The value we would want to filter on is in the request body.
There might not be any need for a sidecar after all. See the above discussion. This issue is now being superseded by #43
Description
The goal with the sidecar is to validate and clean the input being sent to the PDF generator. We need to limit which web pages the PDF-generator can convert to PDF with a whitelist.
As of this writing the requested URL must be for an app from the correct application owner in the correct environment.
Additional Information
No response
Tasks
No response
Acceptance Criterias