Paul Greenberg
Paul Greenberg
@axi92 , i am referring to cors options. I think you need to create Caddy “handler” to match options requests and respond accordingly.
@axi92 , the handler should be above “authorize” directive.
Think through this … caddy security does not handle options method requests. In your config, the first thing that touches the request is authorize plugin. That is non starter. You...
@axi92 , I am not talking about the “order” directive. I am referring to the statements inside “api.domain.com”. There are executed sequentially. Here, you have “authorize” directive which gets executed...
> this would be very helpful and more secure @jcstryker , want to challenge yourself and implement it?
@emanueleaina , search for “insecure” in the docs.
@rzabel66 , this sounds like the module was not compiled or it is using an old version of it. The “security” directive should work if the module is loaded.
The xcaddy should be invoked in the following way https://github.com/greenpau/caddy-security/issues/385#issuecomment-2791072372
@captainpryce , I am in the process of updating packages right now. Will fix as part of the upgrade.
@captainpryce , I think this is related issue https://github.com/greenpau/caddy-security/issues/224 Where is the "caused by api key regex pattern"?