diff options
author | Thien-Thi Nguyen <ttn@gnuvola.org> | 2021-08-11 05:02:24 -0400 |
---|---|---|
committer | Thien-Thi Nguyen <ttn@gnuvola.org> | 2021-08-11 05:02:24 -0400 |
commit | e399f0df211441b89eaaa213b7cfb32e829a1c1b (patch) | |
tree | 383fc9db841622915602a5c4b46285fbe5135f02 | |
parent | 33fa6d750d0c9f600999573dda7a4070cf065e6b (diff) | |
download | docs-e399f0df211441b89eaaa213b7cfb32e829a1c1b.tar.gz docs-e399f0df211441b89eaaa213b7cfb32e829a1c1b.tar.bz2 docs-e399f0df211441b89eaaa213b7cfb32e829a1c1b.zip |
add reverse-proxy ref to leak note -- note FIXME
-rw-r--r-- | taler-merchant-manual.rst | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/taler-merchant-manual.rst b/taler-merchant-manual.rst index 36d9a639..d6ad2d4e 100644 --- a/taler-merchant-manual.rst +++ b/taler-merchant-manual.rst @@ -785,6 +785,8 @@ it twice, first creating the ``default`` instance, then creating normal ones. This means unauthorized users can distinguish between the case where the instance does not exist (HTTP 404) and the case where access is denied (HTTP 403). + This is all moot behind a properly configured reverse-proxy. + FIXME: Link to primary reverse-proxy documentation. KUDOS Accounts |