mirror of
https://github.com/minio/minio.git
synced 2024-12-24 22:25:54 -05:00
ec5293ce29
This commit fixes a potential security issue, whereby a full-access token to the server would be available in the GET URL of a download request. This fixes that issue by introducing short-expiry tokens, which are only valid for one minute, and are regenerated for every download request. This commit specifically introduces the short-lived tokens, adds tests for the tokens, adds an RPC call for generating a token given a full-access token, updates the browser to use the new tokens for requests where the token is passed as a GET parameter, and adds some tests with the new temporary tokens. Refs: https://github.com/minio/minio/pull/4673 |
||
---|---|---|
.. | ||
css | ||
fonts/lato | ||
img | ||
js | ||
less | ||
index.html | ||
index.js |