Security: limit Masterkey remote access (#4017)
* update choose_password to have the confirmation * add comment mark * First version, no test * throw error right away instead of just use masterKey false * fix the logic * move it up before the masterKey check * adding some test * typo * remove the choose_password * newline * add cli options * remove trailing space * handle in case the server is behind proxy * add getting the first ip in the ip list of xff * sanity check the ip in config if it is a valid ip address * split ip extraction to another function * trailing spaces
This commit is contained in:
Worathiti Manosroi
committed by
Florent Vilmart
Florent Vilmart
parent
811d8b0c7a
commit
7e54265f6d
@@ -35,5 +35,6 @@ export default {
|
||||
cacheTTL: 5000,
|
||||
cacheMaxSize: 10000,
|
||||
userSensitiveFields: ['email'],
|
||||
objectIdSize: 10
|
||||
objectIdSize: 10,
|
||||
masterKeyIps: []
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user