Add HTTP_REMOTE_USER header for auth (#4063)

* add HTTP_REMOTE_USER header for auth * add ip whitelist for HTTP_REMOTE_USER header * add IPv6 support for header auth * fix formatting * A few fixes * Add some default trusted sources * Fix IPv6 doc * More standard header names Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
author: drosoCode <44530920+drosoCode@users.noreply.github.com> 2022-04-02 21:40:30 +0200
committer: GitHub <noreply@github.com> 2022-04-02 21:40:30 +0200
commit: 2aba861bc983555faf6dd96c5daa4e40e5328c54 (patch)
tree: 68d63f76d0ce79e06cb3cabaaaeb3cd82849c175 /config.default.php
parent: 191abf5ba541107c5a1c5f14202b99e17bee2074 (diff)
download: freshrss-2aba861bc983555faf6dd96c5daa4e40e5328c54.tar.gz
freshrss-2aba861bc983555faf6dd96c5daa4e40e5328c54.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/config.default.php b/config.default.php
index a9f6a12ec..df8e9133e 100644
--- a/config.default.php
+++ b/config.default.php
@@ -189,4 +189,12 @@ return array(
 
 	# Disable self-update,
 	'disable_update' => false,
+
+	# Trusted IPs that are allowed to send unsafe headers
+	# Please read the documentation, before configuring this
+	# https://freshrss.github.io/FreshRSS/en/admins/09_AccessControl.html
+	'trusted_sources' => [
+		'127.0.0.0/8',
+		'::1/128',
+	]
 );
author	drosoCode <44530920+drosoCode@users.noreply.github.com>	2022-04-02 21:40:30 +0200
committer	GitHub <noreply@github.com>	2022-04-02 21:40:30 +0200
commit	2aba861bc983555faf6dd96c5daa4e40e5328c54 (patch)
tree	68d63f76d0ce79e06cb3cabaaaeb3cd82849c175 /config.default.php
parent	191abf5ba541107c5a1c5f14202b99e17bee2074 (diff)
download	freshrss-2aba861bc983555faf6dd96c5daa4e40e5328c54.tar.gz freshrss-2aba861bc983555faf6dd96c5daa4e40e5328c54.zip