Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Console should not function as an open web proxy #7059

Closed
ycombinator opened this issue Apr 26, 2016 · 2 comments
Closed

Console should not function as an open web proxy #7059

ycombinator opened this issue Apr 26, 2016 · 2 comments
Assignees
@ycombinator
Labels
blocker bug Fixes for quality problems that affect the customer experience

Comments

@ycombinator
Copy link
Contributor

Currently, its possible to use Console as an open web proxy because users can enter any base URL in the input box up top. Evidence (thanks @rashidkpc):

For now, the consensus is to remove the input box on the client-side and, on the server-side, only send requests to http://localhost:9200. In the future, we might allow user to configure a list of Elasticsearch base URLs that they can then select from on the client-side.
@ycombinator ycombinator added bug Fixes for quality problems that affect the customer experience P1 labels Apr 26, 2016
@ycombinator ycombinator self-assigned this Apr 26, 2016
@epixa
Copy link
Contributor

epixa commented Apr 26, 2016

To clarify, the requests should be sent to whichever ES that kibana is configured to use rather than hardcoding localhost:9200.

@ycombinator
Copy link
Contributor Author

Thanks @epixa. That makes more sense :)

@ycombinator ycombinator mentioned this issue Apr 26, 2016
Merged
@spalger spalger mentioned this issue Apr 27, 2016
Closed
ycombinator added a commit to ycombinator/kibana that referenced this issue May 6, 2016
@ycombinator
Merge branch 'master' into elasticgh-7059
9e91032
ycombinator added a commit to ycombinator/kibana that referenced this issue May 10, 2016
@ycombinator
Merge branch 'master' into elasticgh-7059
1c1807e
ycombinator added a commit that referenced this issue May 11, 2016
@ycombinator
Merge pull request #7067 from ycombinator/gh-7059
5a41292 
Disallow Console from functioning as an open web proxy
@jim12321 jim12321 mentioned this issue Nov 3, 2016
Closed
@jbudz jbudz mentioned this issue Dec 12, 2016
Closed
@ppf2 ppf2 mentioned this issue Feb 9, 2017
Closed
@jbudz jbudz mentioned this issue Oct 5, 2017
Closed
@anhlqn anhlqn mentioned this issue Mar 30, 2018
Closed
@cjcenizal cjcenizal mentioned this issue Oct 16, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ycombinator ycombinator

Labels
blocker bug Fixes for quality problems that affect the customer experience
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[console] add support for console.proxyTargets spalger/kibana
2 participants
@ycombinator @epixa