View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004569 | Taler | exchange | public | 2016-06-07 19:33 | 2016-10-11 17:28 |
| Reporter | Florian Dold | Assigned To | Christian Grothoff | ||
| Priority | low | Severity | feature | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | 0.0 | ||||
| Target Version | 0.1 | Fixed in Version | 0.1 | ||
| Summary | 0004569: listen on different socket for administrative exchange interface | ||||
| Description | Otherwise it's easy to accidentally expose the administrative interface. This is bad since the administrative APIs, by design, don't use authentication. For the administrative interface, HTTP over unix domain socket seems especially handy. For the exchange, the checks whether the request comes from localhost are essentially useless, since the exchange will often run behind a reverse proxy and all request will come from localhost. | ||||
| Tags | No tags attached. | ||||
|
|
Implemented in 738d0d0..62b7bba. Note that this implies changes in the deployment, as the bank now needs to talk to the exchange at :18080 (by default). |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2016-06-07 19:33 | Florian Dold | New Issue | |
| 2016-06-07 19:33 | Florian Dold | Status | new => assigned |
| 2016-06-07 19:33 | Florian Dold | Assigned To | => Christian Grothoff |
| 2016-06-08 22:10 | Christian Grothoff | Product Version | => 0.0 |
| 2016-06-08 22:10 | Christian Grothoff | Target Version | => 0.1 |
| 2016-06-13 16:37 | Christian Grothoff | Note Added: 0010898 | |
| 2016-06-13 16:37 | Christian Grothoff | Status | assigned => resolved |
| 2016-06-13 16:37 | Christian Grothoff | Fixed in Version | => 0.1 |
| 2016-06-13 16:37 | Christian Grothoff | Resolution | open => fixed |
| 2016-10-11 17:28 | Christian Grothoff | Status | resolved => closed |
