Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Route pointing to self can be bypassed by direct controller access #3371

Open
emreavsar opened this issue Apr 23, 2024 · 0 comments
Open

Route pointing to self can be bypassed by direct controller access #3371

emreavsar opened this issue Apr 23, 2024 · 0 comments
Labels
waiting-for-triage

Comments

@emreavsar
Copy link

Imagine your gateway has also a @RestController and serves GET /user

At the same time you have a route, which will check the request with some predicates (this could be for auth) on GET /some-prefix/user

Is there a smart way to 'disable' the controller for unwanted access?

I guess that's just not possible without splitting the rest controller functionality into another service and point to it.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
waiting-for-triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@emreavsar @spring-cloud-issues