From cee878be25363f83972b7451ea99734b903e4a89 Mon Sep 17 00:00:00 2001 From: zitudu Date: Thu, 17 Aug 2023 15:48:11 +0800 Subject: [PATCH] comment & lint --- internal/ingress/controller/config/config.go | 4 +-- rootfs/etc/nginx/template/nginx.tmpl | 38 ++++++++++---------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/internal/ingress/controller/config/config.go b/internal/ingress/controller/config/config.go index 222279845..324fe8941 100644 --- a/internal/ingress/controller/config/config.go +++ b/internal/ingress/controller/config/config.go @@ -570,11 +570,11 @@ type Configuration struct { // Default: "for" ForwardedRFC7239 []string `json:"forwarded-rfc7239"` - // Sets Forwarded "for" parameter node identifier, should be "ip" or a static string. + // Sets Forwarded "for" parameter node identifier, should be "ip" or a static obfuscated string. // Default: "ip" ForwardedRFC7239For string `json:"forwarded-rfc7239-for,omitempty"` - // Sets Forwarded "by" parameter node identifier, should be "ip" or a static string. + // Sets Forwarded "by" parameter node identifier, should be "ip" or a static obfuscated string. // Default: "ip" ForwardedRFC7239By string `json:"forwarded-rfc7239-by,omitempty"` diff --git a/rootfs/etc/nginx/template/nginx.tmpl b/rootfs/etc/nginx/template/nginx.tmpl index b7f6a6a22..c710ef3ba 100644 --- a/rootfs/etc/nginx/template/nginx.tmpl +++ b/rootfs/etc/nginx/template/nginx.tmpl @@ -507,25 +507,25 @@ http { # be one of ipv4, ipv6, and reg-name optionaly followed by a port after # a colon. map $http_host $proxy_forwarded_rfc2379_host { - # IPv4 and reg-name formed of valid field value characters can be sent - # as-is. The regular expression of IPv4 is subset of this one, and this - # expression also matches IPv4. - # Since characters "#", "^", "|", and "`" are invalid for reg-name, - # these four characters are removed from character set. - "~^[!$%&'*+._~0-9A-Za-z-]+$" "host=$http_host"; - - # reg-names are not matched last regular expression need to be quoted. - "~^[!$&'()*+,;=._~%0-9A-Za-z-]$" "host=\"$http_host\""; - - # IPv6 addresses (with port or not) need to quoted (it must be already - # bracketed). - "~^\[[0-9A-Fa-f:.]+\](:[0-9]+)*$" "host=\"$http_host\""; - - # IPv4:port and reg-name:port and need to be quoted. - "~^[!$&'()*+,;=._~%0-9A-Za-z-]+:[0-9]+$" "host=\"$http_host\""; - - # Otherwise it is invalid. - default "host=unknown"; + # IPv4 and reg-name formed of valid field value characters can be sent + # as-is. The regular expression of IPv4 is subset of this one, and this + # expression also matches IPv4. + # Since characters "#", "^", "|", and "`" are invalid for reg-name, + # these four characters are removed from character set. + "~^[!$%&'*+._~0-9A-Za-z-]+$" "host=$http_host"; + + # reg-names are not matched last regular expression need to be quoted. + "~^[!$&'()*+,;=._~%0-9A-Za-z-]$" "host=\"$http_host\""; + + # IPv6 addresses (with port or not) need to quoted (it must be already + # bracketed). + "~^\[[0-9A-Fa-f:.]+\](:[0-9]+)*$" "host=\"$http_host\""; + + # IPv4:port and reg-name:port and need to be quoted. + "~^[!$&'()*+,;=._~%0-9A-Za-z-]+:[0-9]+$" "host=\"$http_host\""; + + # Otherwise it is invalid. + default "host=unknown"; } # Section 3.1 of RFC3986 defines scheme syntax.