510d82551a
* implement SSRF protection header * add test for SSRF protection header * cleanup * refactor * implement SSRF header on a per-listener basis * cleanup * cleanup * creat unit test for agent SSRF * improve unit test for agent SSRF * add VaultRequest SSRF header to CLI * fix unit test * cleanup * improve test suite * simplify check for Vault-Request header * add constant for Vault-Request header * improve test suite * change 'config' to 'agentConfig' * Revert "change 'config' to 'agentConfig'" This reverts commit 14ee72d21fff8027966ee3c89dd3ac41d849206f. * do not remove header from request * change header name to X-Vault-Request * simplify http.Handler logic * cleanup * simplify http.Handler logic * use stdlib errors package
33 lines
952 B
Go
33 lines
952 B
Go
package consts
|
|
|
|
const (
|
|
// ExpirationRestoreWorkerCount specifies the number of workers to use while
|
|
// restoring leases into the expiration manager
|
|
ExpirationRestoreWorkerCount = 64
|
|
|
|
// NamespaceHeaderName is the header set to specify which namespace the
|
|
// request is indented for.
|
|
NamespaceHeaderName = "X-Vault-Namespace"
|
|
|
|
// AuthHeaderName is the name of the header containing the token.
|
|
AuthHeaderName = "X-Vault-Token"
|
|
|
|
// RequestHeaderName is the name of the header used by the Agent for
|
|
// SSRF protection.
|
|
RequestHeaderName = "X-Vault-Request"
|
|
|
|
// PerformanceReplicationALPN is the negotiated protocol used for
|
|
// performance replication.
|
|
PerformanceReplicationALPN = "replication_v1"
|
|
|
|
// DRReplicationALPN is the negotiated protocol used for
|
|
// dr replication.
|
|
DRReplicationALPN = "replication_dr_v1"
|
|
|
|
PerfStandbyALPN = "perf_standby_v1"
|
|
|
|
RequestForwardingALPN = "req_fw_sb-act_v1"
|
|
|
|
RaftStorageALPN = "raft_storage_v1"
|
|
)
|