ceb09ce99a
Previously Etherpad would not pass the correct client IP address through and this caused the rate limiter to limit users behind reverse proxies. This change allows Etherpad to use a client IP passed from a reverse proxy. Note to devs: This header can be spoofed and spoofing the header could be used in an attack. To mitigate additional *steps should be taken by Etherpad site admins IE doing rate limiting at proxy.* This only really applies to large scale deployments but it's worth noting.
4 lines
130 B
Docker
4 lines
130 B
Docker
FROM node:alpine3.12
|
|
WORKDIR /tmp
|
|
RUN npm i etherpad-cli-client
|
|
COPY ./tests/ratelimit/send_changesets.js /tmp/send_changesets.js
|