utils.go
1.59 KB
-
Security: Use Header.Set and Header.Del for X-Grafana-User header (#25495) · 034abaa7
This ensures that the X-Grafana-User header can be trusted. If the configuration enabled the setting of this header, the server can now trust that X-Grafana-User is set/unset by Grafana. Before this, an anonymous user could simply set the X-Grafana-User header themselves (using the developer tool for example)
Robbert Gurdeep Singh committed