mirror of
https://github.com/digital-asset/daml.git
synced 2024-09-20 01:07:18 +03:00
067f3c987d
* new --leak-passwords-firesheep-style option; functions to check forwarded protocol * enforce https reverse-proxy in all JWT-accepting endpoints * make HttpService.start take config record * test that X-Forwarded-Proto or Forwarded is enforced * use new start signature in daml-script tests * use insecure http mode for ts codegen tests * note on regex * use insecure option in daml assistant integration tests * log allowNonHttps setting * add non-https option to more places in daml-assistant tests * add non-https option to getting started guide * rename --leak-passwords-firesheep-style to --allow-insecure-tokens - per suggestion by @garyverhaegen-da, @hurryabit CHANGELOG_BEGIN - [JSON API] By default, checks that connections are made through a reverse-proxy providing HTTPS, ensuring that JWT tokens don't leak. To disable this check, such as for development, pass ``--allow-insecure-tokens``. See `issue #5572 <https://github.com/digital-asset/daml/issues/5572>`_. CHANGELOG_END * daml start includes --allow-insecure-tokens by default - as indicated by @cocreature |
||
---|---|---|
.. | ||
src/DA/Daml/Helper | ||
test/DA/Daml/Helper/Test | ||
BUILD.bazel |