DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable security features by default (#11819)

Browse source
This commit is contained in:
Ricardo Katz 2024-08-23 00:45:51 -03:00 committed by GitHub
parent b79551287e
commit 7b4e4e2fa1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
28 changed files with 103 additions and 262 deletions
Download patch file Download diff file Expand all files Collapse all files

6
internal/ingress/controller/config/config.go
View file

@ -776,10 +776,10 @@ func NewDefault() Configuration {
cfg := Configuration{
AllowSnippetAnnotations: false,
AllowCrossNamespaceResources: true,
AllowCrossNamespaceResources: false,
AllowBackendServerHeader: false,
AnnotationValueWordBlocklist: "",
AnnotationsRiskLevel: "Critical",
AnnotationsRiskLevel: "High",
AccessLogPath: "/var/log/nginx/access.log",
AccessLogParams: "",
EnableAccessLogForDefaultBackend: false,
@ -924,7 +924,7 @@ func NewDefault() Configuration {
GlobalRateLimitMemcachedPoolSize: 50,
GlobalRateLimitStatusCode: 429,
DebugConnections: []string{},
StrictValidatePathType: false, // TODO: This will be true in future releases
StrictValidatePathType: true,
GRPCBufferSizeKb: 0,
}