Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow/encourage dst/fmt to be specified in secret #9

Merged
merged 2 commits into from
Jul 13, 2023
Merged

Allow/encourage dst/fmt to be specified in secret #9

merged 2 commits into from
Jul 13, 2023

Conversation

btoews
Copy link
Member

@btoews btoews commented Jul 12, 2023
edited

Also, allow the secret to allowlist these if they are to be put in request-time params.

The dst/fmt will usually be knowable at the time the secret is created and they usually wont need to vary between requests. Allowing them to be specified at request-time gives room for attackers to discover ways to get the target service to reflect back the plaintext secret in a response.

@btoews
Copy link
Member Author

btoews commented Jul 12, 2023

/cc @mattmoyer

@btoews btoews requested a review from tqbf July 12, 2023 22:10
tqbf
tqbf approved these changes Jul 12, 2023
View reviewed changes
Copy link

@tqbf tqbf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cheers, Matt!

@btoews
allow/encourage dst/fmt to be specified in secret
b12a784 
Also, allow the secret to allowlist these if they are to be put
in request-time params.

The dst/fmt will usually be knowable at the time the secret is
created and they usually wont need to vary betweeen requests.
Allowing them to be specified at request-time gives room for
attackers to discover ways to get the target service to reflect
back the plaintext secret in a response.
@btoews btoews changed the title Let secret allowlist dst parameter values Allow/encourage dst/fmt to be specified in secret Jul 13, 2023
@btoews
Copy link
Member Author

btoews commented Jul 13, 2023

I revamped this to allow/encourage the fmt/dst to be set in the encrypted secret instead of the request-time params. If users need to set these at request-time they can still do so and we'll provide the option to allowlist their values in the encrypted secret.

@btoews btoews merged commit fe18ba0 into main Jul 13, 2023
1 check passed
@btoews btoews deleted the secret-dst-allowlist branch July 13, 2023 15:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tqbf tqbf tqbf approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@btoews @tqbf