TechQA.

Configure Nginx-ingress with 'client_header_buffer_size' without server-snippet

162 views Asked by At

I understand that Nginx-ingress from 1.9, by default, disables use of server-snippet because of the security risks it includes. See: CVE-2021-25742.

For that reason, I believe it is best to get rid of all use of 'nginx.ingress.kubernetes.io/server-snippet' in all ingresses. But I would like to client_header_buffer_size and large_client_header_buffers. Is it possible to do differently than:

    nginx.ingress.kubernetes.io/server-snippet: |
        client_header_buffer_size 20k;
        large_client_header_buffers 4 20k;

It can be done using Nginx's own ConfigMap but then it applies for all ingresses. I believe it isn't the case when I use server-snippet, or am I wrong?

Increase the max header size without using server-snippet as it adds security risks.

nginx kubernetes-ingress nginx-ingress ingress-controller
Original Q&A
0

There are 0 answers

Related Questions in NGINX

Related Questions in KUBERNETES-INGRESS

Related Questions in NGINX-INGRESS

Related Questions in INGRESS-CONTROLLER

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions