Internal api endpoints exposes sensitive data and this cannot be
accessed via internet.
This internal api was developed inside velum project and haproxy was
allowing the request to that endpoint. Velum listens on 0.0.0.0 and
needs to block for that specific path.
With this patch we are blocking any request to anything that starts
with /internal-api.
Internal api endpoints exposes sensitive data and this cannot be accessed via internet.
This internal api was developed inside velum project and haproxy was allowing the request to that endpoint. Velum listens on 0.0.0.0 and needs to block for that specific path.
With this patch we are blocking any request to anything that starts with /internal-api.
Signed-off-by: Vítor Avelino vavelino@suse.com
bsc#1121162