Fix host header attack

Signed-off-by: Ammar Bikic <ammar.bikic@bosch.io>
This commit is contained in:
Ammar Bikic
2020-11-30 16:25:43 +01:00
parent 68e4cd93e1
commit 75d906252e
5 changed files with 108 additions and 18 deletions

View File

@@ -35,6 +35,8 @@ public class HawkbitSecurityProperties {
*/
private boolean requireSsl;
private List<String> allowedHostNames;
/**
* Basic authentication realm, see
* https://tools.ietf.org/html/rfc2617#page-3 .
@@ -49,6 +51,14 @@ public class HawkbitSecurityProperties {
this.requireSsl = requireSsl;
}
public List<String> getAllowedHostNames() {
return allowedHostNames;
}
public void setAllowedHostNames(final List<String> allowedHostNames) {
this.allowedHostNames = allowedHostNames;
}
public String getBasicRealm() {
return basicRealm;
}