Jonathan Underwood
Jonathan Underwood
Added tests for all available methods on the nginxproxy object.
> such that the admin will most likely never notice the problem. This assumes that private data is not sent as query parameters as a GET request. Any form that...
I think maybe another solution could be to reject all methods besides GET for http. This way at least the admin will be more likely to arrive to a conclusion...
tbh though... even if we reject all http requests. They'll still be sending the packets over the clear to the server anyways... so really, I don't think there's much we...
The paths I'm seeing are: 1. Add 308 for non-GET. no options added. 2. Add 308 for non-GET. option to disable (making non-GET reject completely (404? 400?)). 3. Make non-GET...
It seems there's a limitation on the return code in nginx, so you can't use a variable as the return code. Therefore, the only way to change the return code...
For now it seems wise to add a small container serving just a 502 page, set it as 502.yourdomain.com and set it as your DEFAULT_HOST. Since this is the default...
I already have a reverse proxy on my home server lab and I point a subdomain to the mempool instance running on umbrel. I make it a point not to...