daml/integration-tests at bda565fa4470d77a803fb4d9f0f6de41e4bf282a - daml

mirror of https://github.com/digital-asset/daml.git synced 2024-09-19 16:57:40 +03:00

History

Stephen Compall 067f3c987d require https reverse proxy (#5660 ) * new --leak-passwords-firesheep-style option; functions to check forwarded protocol * enforce https reverse-proxy in all JWT-accepting endpoints * make HttpService.start take config record * test that X-Forwarded-Proto or Forwarded is enforced * use new start signature in daml-script tests * use insecure http mode for ts codegen tests * note on regex * use insecure option in daml assistant integration tests * log allowNonHttps setting * add non-https option to more places in daml-assistant tests * add non-https option to getting started guide * rename --leak-passwords-firesheep-style to --allow-insecure-tokens - per suggestion by @garyverhaegen-da, @hurryabit CHANGELOG_BEGIN - [JSON API] By default, checks that connections are made through a reverse-proxy providing HTTPS, ensuring that JWT tokens don't leak. To disable this check, such as for development, pass ``--allow-insecure-tokens``. See `issue #5572 <https://github.com/digital-asset/daml/issues/5572>`_. CHANGELOG_END * daml start includes --allow-insecure-tokens by default - as indicated by @cocreature	2020-04-28 14:33:38 -04:00
..
src/DA/Daml/Assistant	require https reverse proxy (#5660 )	2020-04-28 14:33:38 -04:00
BUILD.bazel	Mark create-daml-app-tests as flaky (#5616 )	2020-04-17 19:54:52 +00:00

Stephen Compall 067f3c987d

* new --leak-passwords-firesheep-style option; functions to check forwarded protocol

* enforce https reverse-proxy in all JWT-accepting endpoints

* make HttpService.start take config record

* test that X-Forwarded-Proto or Forwarded is enforced

* use new start signature in daml-script tests

* use insecure http mode for ts codegen tests

* note on regex

* use insecure option in daml assistant integration tests

* log allowNonHttps setting

* add non-https option to more places in daml-assistant tests

* add non-https option to getting started guide

* rename --leak-passwords-firesheep-style to --allow-insecure-tokens

- per suggestion by @garyverhaegen-da, @hurryabit

CHANGELOG_BEGIN
- [JSON API] By default, checks that connections are made through a reverse-proxy
  providing HTTPS, ensuring that JWT tokens don't leak.  To disable this check,
  such as for development, pass ``--allow-insecure-tokens``.
  See `issue #5572 <https://github.com/digital-asset/daml/issues/5572>`_.
CHANGELOG_END

* daml start includes --allow-insecure-tokens by default

- as indicated by @cocreature

2020-04-28 14:33:38 -04:00

src/DA/Daml/Assistant

require https reverse proxy (#5660 )

2020-04-28 14:33:38 -04:00

BUILD.bazel

Mark create-daml-app-tests as flaky (#5616 )

2020-04-17 19:54:52 +00:00