Y
Hacker News
new
|
ask
|
show
|
jobs
by
hn92726819
434 days ago
I'm not that familiar with nginx config. Does this protect against path traversal? Ex: host=../../../docker.sock
1 comments
sigil
434 days ago
nginx validates hostnames per the spec, and to your question specifically it rejects requests that would put a slash in $host:
https://github.com/nginx/nginx/blob/b6e7eb0f5792d7a52d2675ee...
link