Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove the forwarded and x-forwarded-host headers #5409

Merged
merged 1 commit into from
Jan 24, 2025
Merged

Remove the forwarded and x-forwarded-host headers #5409

merged 1 commit into from
Jan 24, 2025

Conversation

segiddins
Copy link
Member

We are already setting the Host header properly in the request to the rails app

Prevents malicious redirects & their being cached

Signed-off-by: Samuel Giddins [email protected]

@segiddins
Remove the forwarded and x-forwarded-host headers
853b119 
We are already setting the Host header properly in the request to the rails app

Prevents malicious redirects & their being cached

Signed-off-by: Samuel Giddins <[email protected]>
@segiddins segiddins enabled auto-merge (squash) January 24, 2025 18:52
@codecov Codecov
Copy link

codecov bot commented Jan 24, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.06%. Comparing base (20dec0e) to head (853b119).
Report is 1 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #5409   +/-   ##
=======================================
  Coverage   97.06%   97.06%           
=======================================
  Files         451      451           
  Lines        9391     9391           
=======================================
  Hits         9115     9115           
  Misses        276      276

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@segiddins segiddins merged commit e50cfbe into master Jan 24, 2025
21 checks passed
@segiddins segiddins deleted the segiddins/remove-the-forwarded-and-x-forwarded-host-headers branch January 24, 2025 21:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martinemde martinemde martinemde approved these changes

Assignees
No one assigned
Labels
None yet
Projects
RubyGems.org Pull Requests
Status: Merged
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@segiddins @martinemde