IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
3764c6d8093f02d7264250a162070248a04d2e15
discourse/config
History
Alan Guo Xiang Tan 3764c6d809 FIX: Scrub Client-Ip request header in nginx (#30971) 
We are scrubbing the `Client-Ip` request header at the nginx proxy
because it is not a request header which we have decided to trust. Our
application should only use the `X-Fowarded-For` request header instead.

This change helps to resolve
`ActionDispatch::RemoteIp::IpSpoofAttackError`
errors from being raised by the `ActionDispatch::RemoteIp` when
the request headers contains both `Client-Ip` and `X-Forwarded-For`.

At the time of writing,
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For
also states that "The HTTP X-Forwarded-For (XFF) request header is a
de-facto standard header for identifying the originating IP address of a
client connecting to a web server through a proxy server."
2025-01-24 10:35:39 +08:00
..
environments
DEV: Recover @timestamp in unicorn logs when logstash logger is enabled (#28008)
2024-07-22 15:21:41 +08:00
initializers
DEV: Restart unicorn when any settings.yml changes. (#30577)
2025-01-06 17:43:44 +11:00
locales
FEATURE: Add attribution to staff notice and rename functionality (#30920)
2025-01-24 09:29:22 +10:00
application.rb
DEV: Move 'symlinking fonts' message to STDERR (#30699)
2025-01-10 18:02:16 +00:00
boot.rb
PERF: Stop running bootsnap in development mode on all environments (#25737)
2024-02-19 11:33:52 +08:00
cdn.yml.sample
Initial release of Discourse
2013-02-05 14:16:51 -05:00
database.yml
DEV: Increase pool connections to 2 in test environment
2024-11-28 12:23:25 +01:00
deploy.rb.sample
enough with the malloc limit, not needed
2016-05-25 21:09:07 +10:00
dev_defaults.yml
DEV: Convert admin-incoming-email modal to component-based API (#22701)
2023-07-20 16:31:20 -05:00
discourse_defaults.conf
DEV: Upgrade Rails to version 7.2
2024-11-27 10:48:47 +01:00
discourse.config.sample
enough with the malloc limit, not needed
2016-05-25 21:09:07 +10:00
discourse.pill.sample
Improve bluepill sample config.
2014-01-31 16:09:35 -05:00
environment.rb
DEV: Apply syntax_tree formatting to config/*
2023-01-09 11:13:29 +00:00
logrotate.conf
Replace Clockwork with Sidetiq
2013-08-14 21:39:40 +02:00
multisite.yml.production-sample
DEV: Remove db_id from sample multisite config.
2020-05-29 10:48:29 +08:00
nginx.sample.conf
FIX: Scrub Client-Ip request header in nginx (#30971)
2025-01-24 10:35:39 +08:00
projections.json
DEV: Use .hbr for raw template file extension (#8883)
2020-02-11 13:38:12 -06:00
puma.rb
DEV: Apply syntax_tree formatting to config/*
2023-01-09 11:13:29 +00:00
routes.rb
FEATURE: Allow admins to export users (#30918)
2025-01-24 08:13:25 +11:00
sidekiq.yml
FEATURE: introduce ultra_low priority queue
2019-01-17 14:53:19 +11:00
site_settings.yml
FEATURE: add new hidden site setting to show full names in user card
2025-01-23 12:26:59 -05:00
spring.rb
DEV: Apply syntax_tree formatting to config/*
2023-01-09 11:13:29 +00:00
thin.yml.sample
Add sample Capistrano deployment files
2013-05-02 19:53:37 -07:00
unicorn_launcher
FIX: Increase timeout when trying to reload unicorn.
2018-12-04 13:43:14 +08:00
unicorn_upstart.conf
enough with the malloc limit, not needed
2016-05-25 21:09:07 +10:00
unicorn.conf.rb
DEV: Fix undefined method check_email_sync_heartbeat in unicorn conf (#30360)
2024-12-19 10:10:11 +08:00