linkerd2

History

Alejandro Pedraza 28c1b78077 chore(dashboard): Make CSWSH protection explicit (#13548 ) In the websocket handshake handler for the tap API we were relying on Gorilla's default behavior for validating that requests came from the same host, to protect against Cross-Site WebSocket Hijacking (CSWSH). This change only makes that validation explicit, instead of relying on default behavior, as a best practice.		2025-01-14 10:05:34 -05:00
..
testdata	Versioned `linkerd check` hint URLs (#6102 )	2021-05-10 13:21:15 -05:00
api_handlers.go	chore(dashboard): Make CSWSH protection explicit (#13548 )	2025-01-14 10:05:34 -05:00
api_handlers_test.go	Replace usage of io/ioutil package (#9613 )	2022-10-13 12:10:58 -05:00
check_same_origin.go	chore(dashboard): Make CSWSH protection explicit (#13548 )	2025-01-14 10:05:34 -05:00
handlers.go	Add json output format support to linkerd profile command (#12611 )	2024-05-21 16:37:14 -07:00
handlers_test.go	Use go-test/deep for comparisons in tests (#8427 )	2022-05-05 09:31:07 -07:00
reverse_proxy.go	Fix bad Host in dashboard's reverse proxy (#8073 )	2022-03-16 09:07:37 -05:00
server.go	Remove TrafficSplit from Dashboard (#10532 )	2023-03-17 08:48:09 -05:00
test_helpers.go	Enable lint check for comments (#2023 )	2019-01-02 14:03:59 -08:00