Open xiekeyang opened 9 years ago
Use-cases may vary. Allowing to search "freely" does disclose possibly restricted information. cc @wking @shin-
@dmp42 However, most of docker images registries, such as Docker Hub, quay.io, etc, allow to search and pull freely. So I think It is likely a common behavior, and should be accepted by master branch. Thanks a lot!
None of these services are letting you search and list private content. I'm happy if people want to do that, and we can certainly provide them with documentation on how to do it, or example configuration files, but I don't think it's the right decision to ship something that by default leaks private information.
GET and POST should be not restricted for users. It is free to search and pull images from registry. Therefore, Nginx is modified to limit the location except GET and POST.