honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack/plugin/async-search
History
Albert Zaharovits 480561dbc3
Store and use only internal security headers (#66365) 
For async searches (EQL included) the client's request headers were
erroneously stored in the .tasks index. This might expose the requesting
client's HTTP Authorization header. This PR fixes that by employing the
usual approach to store only the security-internal headers, which carry
the authentication result, instead of the original Authorization header,
which is commonly utilized to redo authentication for scheduled tasks.
 		2020-12-17 23:40:55 +02:00
..
qa Support point in time in async_search (#61560) 2020-09-10 19:25:48 -04:00
src Store and use only internal security headers (#66365) 2020-12-17 23:40:55 +02:00
build.gradle [7.x] Remove integTest task from PluginBuildPlugin (#61879) (#62135) 2020-09-09 14:25:41 -05:00