Comments (5)
We have fixed the issue with location and other snippets by making it an empty list by default in v1.1.0
We leave the security configuration of the block list to the user.
We are continuing to look into other remediations as well.
/close
from uptime-kuma-helm.
To fix this issue you have to do following:
PLEASE BE AWARE, THIS CHANGE IS GLOBAL AND DEACTIVATES SOME OF THE SECURITY MEASUREMENTS!
# Edit the ingress-nginx-controller ConfigMap in your Ingress namespace
kubectl -n ingress-nginx edit configmap ingress-nginx-controller
# You will find something like:
apiVersion: v1
data:
allow-snippet-annotations: "true"
kind: ConfigMap
# Add following line into the data map:
annotation-value-word-blocklist: load_module,lua_package,_by_lua,root,serviceaccount,',\
# It should look now like:
apiVersion: v1
data:
allow-snippet-annotations: "true"
annotation-value-word-blocklist: load_module,lua_package,_by_lua,root,serviceaccount,',\
kind: ConfigMap
This change overrides the default annotation-value-word-blocklist to allow certain symbols and charakters in a snippet.
from uptime-kuma-helm.
@strongjz Thank you very much for responding, even tho I just had this here open for myself and others as a simple note 😄
from uptime-kuma-helm.
It was linked from another ingress-nginx issue so I assumed this was one as well, lol. Sorry for stomping on your issue.
from uptime-kuma-helm.
No worries, really appreciate that I somehow have proper solution here :D
Thanks for all your and the Teams efforts!
from uptime-kuma-helm.
Related Issues (20)
- Create ServiceMonitor and Secret for Prometheus metrics endpoint HOT 1
- Chart already exist in k8s@home project HOT 1
- Example for using Existing PV HOT 3
- Alpine image is deprecated HOT 1
- Action Required: Fix Renovate Configuration
- Adding urls via helm chart HOT 1
- Utilise proper FQDN and GitHub Pages.
- Add oauth2-proxy and disable User login HOT 1
- Helm chart certificate not trusted HOT 2
- podLabels not included when useDeploy is true
- Add GPG signing for Helm chart
- URL NOT WORKING HOT 1
- HELM CHART FEATURE ENHANCEMENT HOT 2
- Default strategy.type HOT 1
- Support for LoadBalancerIP
- Helm chart certificate not trusted HOT 2
- ArgoCD support? HOT 13
- helm.irsigler.cloud seems down HOT 4
- tag 1.23.11-debian is not available anymore HOT 1
- The tag: "1.23.11-debian" does not exist anymore. HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from uptime-kuma-helm.