dmp42
commented
9 years ago Use-cases may vary. Allowing to search "freely" does disclose possibly restricted information. cc @wking @shin-
Open xiekeyang opened 9 years ago
dmp42
commented
9 years ago Use-cases may vary. Allowing to search "freely" does disclose possibly restricted information. cc @wking @shin-
xiekeyang
commented
9 years ago @dmp42 However, most of docker images registries, such as Docker Hub, quay.io, etc, allow to search and pull freely. So I think It is likely a common behavior, and should be accepted by master branch. Thanks a lot!
dmp42
commented
9 years ago None of these services are letting you search and list private content. I'm happy if people want to do that, and we can certainly provide them with documentation on how to do it, or example configuration files, but I don't think it's the right decision to ship something that by default leaks private information.
GET and POST should be not restricted for users. It is free to search and pull images from registry. Therefore, Nginx is modified to limit the location except GET and POST.