Diffusion hydra 66366137ffa9

Don't apply `security.require-https` to intracluster requests

Description

Don't apply security.require-https to intracluster requests

Summary:
Ref T10784. Currently, if you terminate SSL at a load balancer (very common) and use HTTP beyond that, you have to fiddle with this setting in your preamble or a SiteConfig.

On the balance I think this makes stuff much harder to configure without any real security benefit, so don't apply this option to intracluster requests.

Also document a lot of stuff.

Test Plan: Poked around locally but this is hard to test outside of a production cluster, I'll vet it more thoroughly on secure.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10784

Differential Revision: https://secure.phabricator.com/D15696

Details

Provenance
epriestley Authored on Apr 13 2016, 8:52 AM
sirocyl Pushed on Oct 16 2024, 5:49 AM
Parents
R1:99be132ea21e: Allow public users to make intracluster API requests
Branches
Unknown
Tags
Unknown
