mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-18 04:27:02 +02:00
77ceb7dde0
* implement SSRF protection header
* add test for SSRF protection header
* cleanup
* refactor
* implement SSRF header on a per-listener basis
* cleanup
* cleanup
* creat unit test for agent SSRF
* improve unit test for agent SSRF
* add VaultRequest SSRF header to CLI
* fix unit test
* cleanup
* improve test suite
* simplify check for Vault-Request header
* add constant for Vault-Request header
* improve test suite
* change 'config' to 'agentConfig'
* Revert "change 'config' to 'agentConfig'"
This reverts commit 14ee72d21f.
* do not remove header from request
* change header name to X-Vault-Request
* simplify http.Handler logic
* cleanup
* simplify http.Handler logic
* use stdlib errors package
33 lines
952 B
Go
33 lines
952 B
Go
package consts
|
|
|
|
const (
|
|
// ExpirationRestoreWorkerCount specifies the number of workers to use while
|
|
// restoring leases into the expiration manager
|
|
ExpirationRestoreWorkerCount = 64
|
|
|
|
// NamespaceHeaderName is the header set to specify which namespace the
|
|
// request is indented for.
|
|
NamespaceHeaderName = "X-Vault-Namespace"
|
|
|
|
// AuthHeaderName is the name of the header containing the token.
|
|
AuthHeaderName = "X-Vault-Token"
|
|
|
|
// RequestHeaderName is the name of the header used by the Agent for
|
|
// SSRF protection.
|
|
RequestHeaderName = "X-Vault-Request"
|
|
|
|
// PerformanceReplicationALPN is the negotiated protocol used for
|
|
// performance replication.
|
|
PerformanceReplicationALPN = "replication_v1"
|
|
|
|
// DRReplicationALPN is the negotiated protocol used for
|
|
// dr replication.
|
|
DRReplicationALPN = "replication_dr_v1"
|
|
|
|
PerfStandbyALPN = "perf_standby_v1"
|
|
|
|
RequestForwardingALPN = "req_fw_sb-act_v1"
|
|
|
|
RaftStorageALPN = "raft_storage_v1"
|
|
)
|