Skip to content
This repository was archived by the owner on Nov 24, 2025. It is now read-only.

Add PUSH and PURGE denial to mid tier caches.#5292

Merged
rob05c merged 1 commit intoapache:masterfrom
alficles:deny-push
Nov 17, 2020
Merged

Add PUSH and PURGE denial to mid tier caches.#5292
rob05c merged 1 commit intoapache:masterfrom
alficles:deny-push

Conversation

@alficles
Copy link
Contributor

@alficles alficles commented Nov 17, 2020

What does this PR (Pull Request) do?

This adjusts the ip_allow lists produced for ATS to remove unnecessary methods.

  • This PR is not related to any Issue

Which Traffic Control components are affected by this PR?

  • Traffic Ops ORT

What is the best way to verify this PR?

Use ORT to generate an ip_allow config and ensure that PUSH and PURGE are not allowed when ATS uses the config, but everything else is.

If this is a bug fix, what versions of Traffic Control are affected?

This configuration change improves a situation that has been in place in all versions of ATC.

The following criteria are ALL met by this PR

  • This PR includes tests OR I have explained why tests are unnecessary
  • This PR includes documentation OR I have explained why documentation is unnecessary
  • This PR includes an update to CHANGELOG.md OR such an update is not necessary
  • This PR includes any and all required license headers
  • This PR DOES NOT FIX A SERIOUS SECURITY VULNERABILITY (see the Apache Software Foundation's security guidelines for details)

@rob05c rob05c self-assigned this Nov 17, 2020
@rawlinp rawlinp added 4.1.x-backport-candidate bug something isn't working as intended Traffic Ops ORT *DEPRECATED* related to the traffic_ops_ort.pl script labels Nov 17, 2020
@rawlinp rawlinp added this to the 5.0.0 milestone Nov 17, 2020
rob05c
rob05c approved these changes Nov 17, 2020
View reviewed changes
Copy link
Member

@rob05c rob05c left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Unit tests pass, generated config, ATS starts and serves successfully.

@rob05c rob05c merged commit 97382c9 into apache:master Nov 17, 2020
rawlinp pushed a commit to rawlinp/trafficcontrol that referenced this pull request Nov 18, 2020
@alficles @rawlinp
Add PUSH and PURGE denial to mid tier caches. (apache#5292)
41a6b7c 
(cherry picked from commit 97382c9)
@rawlinp rawlinp mentioned this pull request Nov 18, 2020
Merged
rawlinp added a commit that referenced this pull request Nov 18, 2020
@rawlinp @alficles
Add PUSH and PURGE denial to mid tier caches. (#5292) (#5302)
817a702 
(cherry picked from commit 97382c9)

Co-authored-by: alficles <alficles@gmail.com>
ocket8888 pushed a commit that referenced this pull request Nov 18, 2020
@alficles @ocket8888
Add PUSH and PURGE denial to mid tier caches. (#5292)
7181282 
(cherry picked from commit 97382c9)
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@rob05c rob05c rob05c approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@rob05c rob05c

Labels

bug something isn't working as intended Traffic Ops ORT *DEPRECATED* related to the traffic_ops_ort.pl script

Projects

None yet

Milestone

5.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@alficles @rob05c @rawlinp