From 2aba861bc983555faf6dd96c5daa4e40e5328c54 Mon Sep 17 00:00:00 2001
From: drosoCode <44530920+drosoCode@users.noreply.github.com>
Date: Sat, 2 Apr 2022 21:40:30 +0200
Subject: Add HTTP_REMOTE_USER header for auth (#4063)

* add HTTP_REMOTE_USER header for auth

* add ip whitelist for HTTP_REMOTE_USER header

* add IPv6 support for header auth

* fix formatting

* A few fixes

* Add some default trusted sources

* Fix IPv6 doc

* More standard header names

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
---
 config.default.php | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'config.default.php')

diff --git a/config.default.php b/config.default.php
index a9f6a12ec..df8e9133e 100644
--- a/config.default.php
+++ b/config.default.php
@@ -189,4 +189,12 @@ return array(
 
 	# Disable self-update,
 	'disable_update' => false,
+
+	# Trusted IPs that are allowed to send unsafe headers
+	# Please read the documentation, before configuring this
+	# https://freshrss.github.io/FreshRSS/en/admins/09_AccessControl.html
+	'trusted_sources' => [
+		'127.0.0.0/8',
+		'::1/128',
+	]
 );
-- 
cgit v1.2.3