Skip to content
This repository has been archived by the owner on Sep 12, 2018. It is now read-only.

Modify Nginx configuration to make GET and POST un-restricted in location #896

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

xiekeyang
Copy link

GET and POST should be not restricted for users. It is free to search and pull images from registry. Therefore, Nginx is modified to limit the location except GET and POST.

… and pull images from registry. Therefore, Nginx is modified to limit the authentication location except GET and POST.
@dmp42
Copy link
Contributor

dmp42 commented Jan 13, 2015

Use-cases may vary. Allowing to search "freely" does disclose possibly restricted information.
cc @wking @shin-

@xiekeyang
Copy link
Author

@dmp42
However, most of docker images registries, such as Docker Hub, quay.io, etc, allow to search and pull freely.
So I think It is likely a common behavior, and should be accepted by master branch.
Thanks a lot!

@dmp42
Copy link
Contributor

dmp42 commented Jan 14, 2015

None of these services are letting you search and list private content.
I'm happy if people want to do that, and we can certainly provide them with documentation on how to do it, or example configuration files, but I don't think it's the right decision to ship something that by default leaks private information.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants