mirror of
https://github.com/imgproxy/imgproxy.git
synced 2025-03-17 20:17:48 +02:00
Add warning to the IMGPROXY_ALLOWED_SOURCES docs
This commit is contained in:
parent
af8366139f
commit
4896cc9438
@ -69,6 +69,8 @@ You can limit allowed source URLs:
|
||||
|
||||
* `IMGPROXY_ALLOWED_SOURCES`: whitelist of source image URLs prefixes divided by comma. When blank, imgproxy allows all source image URLs. Example: `s3://,https://example.com/,local://`. Default: blank.
|
||||
|
||||
**Warning:** Be careful when using this config to limit source URL hosts, and always add a trailing slash after the host. Bad: `http://example.com`, good: `http://example.com/`. If you don't add a trailing slash, `http://example.com@baddomain.com` will be an allowed URL but the request will be made to `baddomain.com`.
|
||||
|
||||
When you use imgproxy in a development environment, it can be useful to ignore SSL verification:
|
||||
|
||||
* `IMGPROXY_IGNORE_SSL_VERIFICATION`: when true, disables SSL verification, so imgproxy can be used in a development environment with self-signed SSL certificates.
|
||||
|
Loading…
x
Reference in New Issue
Block a user