mirror of
https://github.com/pgadmin-org/pgadmin4.git
synced 2025-02-25 18:55:31 -06:00
Added following security enhancements:
1) Added ALLOWED_HOSTS list to limit the host address. 2) Added CSP and HSTS security header. 3) Hide the webserver/ development framework version. Fixes #5919
This commit is contained in:
Ganesh Jaybhay
committed by
Akshay Joshi
Akshay Joshi
parent
3413a42af4
commit
08c4deba5a
@@ -81,7 +81,8 @@ RUN apk add --no-cache \
|
||||
flask_gravatar \
|
||||
flask_migrate \
|
||||
simplejson \
|
||||
cryptography
|
||||
cryptography \
|
||||
netaddr
|
||||
|
||||
# Copy the docs from the local tree. Explicitly remove any existing builds that
|
||||
# may be present
|
||||
@@ -177,6 +178,7 @@ RUN ln -sf /usr/lib/libpq.so.5.12 /usr/lib/libpq.so.5
|
||||
|
||||
# Copy the runner script
|
||||
COPY pkg/docker/run_pgadmin.py /pgadmin4
|
||||
COPY pkg/docker/gunicorn_config.py /pgadmin4
|
||||
COPY pkg/docker/entrypoint.sh /entrypoint.sh
|
||||
|
||||
# Precompile and optimize python code to save time and space on startup
|
||||
|
||||
Reference in New Issue
Block a user