Support adding Authorization HTTP headers through the `RUSTUP_AUTHO…#4672
Support adding Authorization HTTP headers through the `RUSTUP_AUTHO…#4672amejia1 wants to merge 26 commits intorust-lang:mainfrom
Authorization HTTP headers through the `RUSTUP_AUTHO…#4672Conversation
…RIZATION_HEADER` environment variable. This partially addresses rust-lang#1343 by supporting reverse proxies which require authentication that function as mirrors to https://static.rust-lang.org .
|
If this is about a reverse proxy I don't think the complexity of doing this is worth it. Instead, it seems like the main issue is that we might leak credentials in logging when using |
This change would also support token based authentication through the Bearer scheme. I had those in mind when I thought to implement these changes. Here are some examples of what I mean https://api.goauthentik.io/authentication/ |
|
I have converted this PR to a draft. I need to investigate ways to start a forward proxy which requires authentication. |
|
I don't think we're going to want a Ferron proxy setup in our source tree. |
… HTTP headers support.
|
I just noticed your last comment. I had this in draft mode and thought that would disable notifications. I am working on a good and simple way to test the changes and thought to use containers. Is use of containers for testing fine? If no, what should I do for tests? |
… and fix issues found with new tests.
This is to prevent triggering the brute-force protection in the Ferron server.
…ing or incorrect credentials.
This reverts commit 3b4a014.
|
I am done working out how to test and verify the new changes using containers. If usage of containers is not acceptable, another idea I have so far is writing a small test web app much like how there is httpbin to test the Python "request" module. |
2 participants
…RIZATION_HEADER` environment variable.
This partially addresses #1343 by supporting reverse proxies which require authentication that function as mirrors to https://static.rust-lang.org .