Re: Reserved routes
|
MJ
Thanks, Mike. I implemented and tested the second option and so far it appears to be working great.
toggle quoted message
Show quoted text
A side note: It’s a bit surprising CF allows names like api and uaa when the platform is using the same domain considering, theoretically, a user could create apps and routes for those services and capture sensitive info. -Mike On Jun 15, 2015, at 2:32 PM, Mike Youngstrom <youngm(a)gmail.com<mailto:youngm(a)gmail.com>> wrote:
Two thoughts: * Put your private system domain in an Org that users you don't trust won't have access to. * Create routes without an app for the names you wish to "reserve" Mike On Mon, Jun 15, 2015 at 3:30 PM, Mike Jacobi <jacobi(a)adobe.com<mailto:jacobi(a)adobe.com>> wrote: It appears users can create their own routes named the same as critical endpoints such as api, doppler, loggregator, uaa, etc. In fact, I just created an app with routes doppler and loggregator and the platform did nothing to prevent me from doing so. The “cf logs” behavior was then unpredictable. Is there some way to prevent this? Am I missing something? Thanks, Mike _______________________________________________ cf-dev mailing list cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org> https://lists.cloudfoundry.org/mailman/listinfo/cf-dev _______________________________________________ cf-dev mailing list cf-dev(a)lists.cloudfoundry.org<mailto:cf-dev(a)lists.cloudfoundry.org> https://lists.cloudfoundry.org/mailman/listinfo/cf-dev |
|
|