apache / openwhisk-apigateway

Apache OpenWhisk API Gateway service for exposing actions as REST interfaces.
https://openwhisk.apache.org/
Apache License 2.0

Security: Disable use of X-Accel-Redirect header #330

Closed moritzraho closed 5 years ago

moritzraho commented 5 years ago

This PR addresses a security issue in which web actions could access internal locations defined in the nginx config files by setting the X-Accel-Redirect response header.

X-accel allows for internal redirection to a location determined by a header returned from a backend. See https://www.nginx.com/resources/wiki/start/topics/examples/x-accel/
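To make the mechanism concrete, here is a minimal nginx configuration (an added illustration, not the PR's own change and not the gateway's actual config) showing an `internal` location next to a proxied backend in the risky default and with the header ignored. The location paths, the backend address `127.0.0.1:9000` and the `alias` directory are assumed placeholders.

```nginx
# Added example, not code from the openwhisk-apigateway project or this PR.
# All paths and the backend address below are assumed placeholders.

server {
    listen 8080;

    # An "internal" location: nginx only serves it via an internal redirect
    # (X-Accel-Redirect, error_page, rewrite), never from a direct client request.
    location /internal/ {
        internal;
        alias /var/www/internal/;
    }

    # Default proxy behaviour: an X-Accel-Redirect header in the backend
    # response is honoured, so whatever the proxied code returns in that
    # header decides which nginx location serves the client. That is the
    # exposure described in this PR.
    location /api/default/ {
        proxy_pass http://127.0.0.1:9000/;
    }

    # Hardened variant: proxy_ignore_headers stops nginx from acting on the
    # backend's X-Accel-Redirect, so the header can no longer trigger an
    # internal redirect. proxy_hide_header keeps it out of the client response.
    location /api/ {
        proxy_pass http://127.0.0.1:9000/;
        proxy_ignore_headers X-Accel-Redirect;
        proxy_hide_header X-Accel-Redirect;
    }
}
```

Both `proxy_ignore_headers` and `proxy_hide_header` are standard nginx directives; to check the effective setting on a running gateway, compare the response to a request against `/api/...` when the backend deliberately sets the header against a request to the `internal` path directly, which nginx must answer with 404.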