kopia lustrzana https://github.com/jointakahe/takahe
Attach user identification headers to response (#453)
Add X-Takahe-User and X-Takahe-User-Identity headers to response, when available, to allow for better Nginx log enrichment. Also drop these headers in Nginx so they aren't sent into the world. They probably aren't dangerous since they identfy the users _to themselves_ but strip it for now, just in case.pull/466/head
rodzic
349e1b8801
commit
46947279b0
|
@ -25,6 +25,10 @@ server {
|
|||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
|
||||
# The user header is available for logging, but not returned to the client
|
||||
proxy_hide_header X-Takahe-User;
|
||||
proxy_hide_header X-Takahe-Identity;
|
||||
|
||||
# Serve robots.txt from the non-collected dir as a special case.
|
||||
location /robots.txt {
|
||||
alias /takahe/static/robots.txt;
|
||||
|
|
|
@ -30,4 +30,10 @@ class IdentityMiddleware:
|
|||
request.identity = None
|
||||
|
||||
response = self.get_response(request)
|
||||
|
||||
if request.user:
|
||||
response.headers["X-Takahe-User"] = str(request.user)
|
||||
if request.identity:
|
||||
response.headers["X-Takahe-Identity"] = str(request.identity)
|
||||
|
||||
return response
|
||||
|
|
Ładowanie…
Reference in New Issue