diff options
author | linquize <linquize2@yahoo.com> | 2020-05-13 00:43:18 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-05-12 10:43:18 -0600 |
commit | 44536a7594f060dfca54a3cfb36135c93cba8e59 (patch) | |
tree | 2322de6edf51119ce9649e790c9d617cff9fa2bb | |
parent | ea7e4b4024f34fd53f8b8f7b5effb353b36cf8e8 (diff) |
cmd: reverse-proxy: add --insecure flag (with warning) (#3389)
-rw-r--r-- | modules/caddyhttp/reverseproxy/command.go | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/modules/caddyhttp/reverseproxy/command.go b/modules/caddyhttp/reverseproxy/command.go index 31a591c..6de052e 100644 --- a/modules/caddyhttp/reverseproxy/command.go +++ b/modules/caddyhttp/reverseproxy/command.go @@ -59,6 +59,7 @@ default, all incoming headers are passed through unmodified.) fs.String("from", "localhost", "Address on which to receive traffic") fs.String("to", "", "Upstream address to which to to proxy traffic") fs.Bool("change-host-header", false, "Set upstream Host header to address of upstream") + fs.Bool("insecure", false, "Disable TLS verification (WARNING: DISABLES SECURITY, WHY ARE YOU EVEN USING TLS?)") return fs }(), }) @@ -68,6 +69,7 @@ func cmdReverseProxy(fs caddycmd.Flags) (int, error) { from := fs.String("from") to := fs.String("to") changeHost := fs.Bool("change-host-header") + insecure := fs.Bool("insecure") httpPort := strconv.Itoa(caddyhttp.DefaultHTTPPort) httpsPort := strconv.Itoa(caddyhttp.DefaultHTTPSPort) @@ -127,6 +129,9 @@ func cmdReverseProxy(fs caddycmd.Flags) (int, error) { ht := HTTPTransport{} if toAddr.Scheme == "https" { ht.TLS = new(TLSConfig) + if insecure { + ht.TLS.InsecureSkipVerify = true + } } handler := Handler{ |