docs: update README and config to reflect exact-match-only whitelist
All checks were successful
check / check (push) Successful in 5s
All checks were successful
check / check (push) Successful in 5s
Remove suffix match documentation and config comments since whitelist now only supports exact host matches.
This commit is contained in:
user
@@ -98,9 +98,7 @@ expiration 1704067200:
|
||||
|
||||
**Whitelist patterns:**
|
||||
|
||||
- **Exact match**: `cdn.example.com` — matches only that host
|
||||
- **Suffix match**: `.example.com` — matches `cdn.example.com`,
|
||||
`images.example.com`, and `example.com`
|
||||
- **Exact match only**: `cdn.example.com` — matches only that host
|
||||
|
||||
### Configuration
|
||||
|
||||
|
||||
@@ -13,8 +13,7 @@ state_dir: ./data
|
||||
# Generate with: openssl rand -base64 32
|
||||
signing_key: "CHANGE_ME_generate_with_openssl_rand_base64_32"
|
||||
|
||||
# Hosts that don't require signatures
|
||||
# Use "." prefix for wildcard subdomain matching (e.g., ".example.com" matches "cdn.example.com")
|
||||
# Hosts that don't require signatures (exact match only)
|
||||
whitelist_hosts:
|
||||
- s3.sneak.cloud
|
||||
- static.sneak.cloud
|
||||
|
||||
Reference in New Issue
Block a user