Skip to content

Commit

Permalink
fix: 🐛 bug which allows host header injection vuln
Browse files Browse the repository at this point in the history
  • Loading branch information
jaskaransarkaria committed Oct 31, 2024
1 parent fd5cbd3 commit 97be2a6
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion templates/values.yaml.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,7 @@ controller:
%{ endif ~}
server-snippet: |
if ($scheme != 'https') {
return 308 https://$host$request_uri;
return 308 https://$server_name$request_uri;
}

#
Expand Down

0 comments on commit 97be2a6

Please sign in to comment.