awesome-reviewers/_reviewers/posthog-use-allowlists-over-blocklists.json
2025-08-19 12:19:58 +00:00


[
{
"discussion_id": "2245817015",
"pr_number": 35953,
"pr_file": "plugin-server/src/cdp/consumers/cdp-source-webhooks.consumer.ts",
"created_at": "2025-07-31T16:10:29+00:00",
"commented_code": "import { createInvocation, createInvocationResult } from '../utils/invocation-utils'\n import { CdpConsumerBase } from './cdp-base.consumer'\n \n+const DISALLOWED_HEADERS = ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port', 'cookie']",
"repo_full_name": "PostHog/posthog",
"discussion_comments": [
{
"comment_id": "2245817015",
"repo_full_name": "PostHog/posthog",
"pr_number": 35953,
"pr_file": "plugin-server/src/cdp/consumers/cdp-source-webhooks.consumer.ts",
"discussion_id": "2245817015",
"commented_code": "@@ -16,6 +16,8 @@ import { createAddLogFunction } from '../utils'\n import { createInvocation, createInvocationResult } from '../utils/invocation-utils'\n import { CdpConsumerBase } from './cdp-base.consumer'\n \n+const DISALLOWED_HEADERS = ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port', 'cookie']",
"comment_created_at": "2025-07-31T16:10:29+00:00",
"comment_author": "Piccirello",
"comment_body": "May want to include the below, to be safe:\r\n\r\n- `x-csrftoken`\r\n- `authorization`\r\n- `proxy-authorization`\r\n- `referer`\r\n- `forwarded`\r\n- `x-real-ip`\r\n- `true-client-ip`\r\n\r\nThis list can change as our infra changes (e.g. if we start using Cloudflare that adds some additional headers). It would be much preferable to operate off of an allowlist. I don't have a great understanding of the current use case so it's hard to say exactly, but something like this\r\n```ts\r\nconst ALLOWED_HEADERS = ['Accept', 'Accept-Encoding', 'Accept-Language', 'Cache-Control', 'Pragma', 'Content-Type', 'Content-Length', 'Content-Encoding', 'Content-Language', 'User-Agent', 'Host', 'Date']\r\n```",
"pr_file_module": null
}
]
}
]