claudijd closed 8 years ago
Thanks @claudijd, I've applied this to the config on ci.us-west.moz.works. cc @glogiotatidis
I did a bit of testing and it looks to have the desired effect.
Thanks for the quick review and deploy!
Blocking api and script breaks the BedrockPipelineView
Example of blocked requests:
@glogiotatidis @jgmize I made a small adjustment to the matcher for the nginx blacklist in #8, I believe this change will prevent it from wild-carding on paths not found on the root, which are causing the problems you mention above.
Looks like both paths have been restored to normal :)
@jgmize this is a stub for how we might restrict access to certain sensitive paths in Jenkins such that they are only accessible on the loopback (or for tunneled users). If there are paths that you think no one will ever need to visit, like say ./script, we could just make those a solid deny and limit some exposure of admin A from learning admin B's credentials.
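The restriction discussed in this thread, sketched as an added example (not the configuration from this pull request). The upstream address, server name, and the exact regexes are assumptions, and the request paths in the comments are constructed. It contrasts a matcher that wild-cards on nested paths with one anchored to the root:

```nginx
# Added example. jenkins_backend, its address and the server_name are
# placeholders, not values taken from the repository under discussion.
upstream jenkins_backend {
    server 127.0.0.1:8080;             # assumed local Jenkins listener
}

server {
    listen 80;                         # TLS settings omitted for brevity
    server_name ci.example.invalid;    # placeholder host name

    # Too broad: nginx regex locations are unanchored searches, so this
    # pattern also catches nested paths such as /job/example/api/json
    # or /static/abc/script.js, not just /api and /script at the root.
    #
    # location ~ /(script|api) {
    #     allow 127.0.0.1;
    #     deny all;
    #     proxy_pass http://jenkins_backend;
    # }

    # Anchored: only /script and /api at the root (and anything below
    # them) are limited to loopback clients, e.g. users who reach the
    # host through a tunnel. Everyone else gets a 403.
    location ~ ^/(script|api)(/|$) {
        allow 127.0.0.1;
        allow ::1;
        deny all;
        proxy_pass http://jenkins_backend;
    }

    # For a path nobody should ever visit, a solid deny replaces the
    # allow/deny pair above:
    #
    # location ~ ^/script(/|$) { return 403; }

    # Everything else is proxied without an address restriction.
    location / {
        proxy_pass http://jenkins_backend;
    }
}
```

The `allow` and `deny` directives act on the client address nginx sees, so a load balancer or another proxy in front of this server changes which requests count as loopback.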