DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Legacy cherrypick (#7965)

Browse source 
* update default block list,docs, tests (#7942)

* update default block list,docs, tests

* fix config for admin test

* gofmt

* remove the err return

* Change sanitization message from error to warning (#7963)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* duplicate test

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
This commit is contained in:
James Strong 2021-11-24 12:34:21 -05:00 committed by GitHub
parent b159577c23
commit 18e6eb0a31
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 89 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

18
internal/ingress/controller/config/config.go
View file

@ -18,7 +18,6 @@ package config
import (
"strconv"
"strings"
"time"
"k8s.io/klog/v2"
@ -759,21 +758,6 @@ func NewDefault() Configuration {
defNginxStatusIpv4Whitelist := make([]string, 0)
defNginxStatusIpv6Whitelist := make([]string, 0)
defResponseHeaders := make([]string, 0)
defAnnotationValueWordBlocklist := []string{
"load_module",
"lua_package",
"_by_lua",
"location",
"root",
"proxy_pass",
"serviceaccount",
"{",
"}",
"'",
"\\",
}
defIPCIDR = append(defIPCIDR, "0.0.0.0/0")
defNginxStatusIpv4Whitelist = append(defNginxStatusIpv4Whitelist, "127.0.0.1")
defNginxStatusIpv6Whitelist = append(defNginxStatusIpv6Whitelist, "::1")
@ -784,7 +768,7 @@ func NewDefault() Configuration {
AllowSnippetAnnotations: true,
AllowBackendServerHeader: false,
AnnotationValueWordBlocklist: strings.Join(defAnnotationValueWordBlocklist, ","),
AnnotationValueWordBlocklist: "",
AccessLogPath: "/var/log/nginx/access.log",
AccessLogParams: "",
EnableAccessLogForDefaultBackend: false,